Google Code Search for Fun & Profit

While toying around with Google code search to look for HTTP Response Splitting vulnerabilities, i discovered that code search is a treasure trove of vulnerabilities. For instance, simply try searching for “vulnerability”.

Looks like I’m about 2 years behind on this:

Chris Shiflett: http://shiflett.org/blog/2006/oct/google-code-search-for-security-vulnerabilities
Jose Nazario: http://monkey.org/~jose/blog/viewpage.php?page=google_code_search_stats
Dug Song: http://asert.arbornetworks.com/2006/10/static-code-analysis-using-google-code-search/
Cipher dot org dot uk: http://www.cipher.org.uk/bugle.php (Google Hacking with Code Search)

UPDATE (09/01/2008):

Regular expression search rocks. Why can’t you do this with regular search?

1 Comment

Leave a Comment Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Related

1 Comment

Leave a Comment Cancel reply