Just two days ago I wrote about penetration testing using Firefox extensions. Well it turns out there’s another interesting security auditing tool that has just been released called Goolag Scanner, which essentially uses the Google search engine to attempt to “Google Hack” into your site. The results of the scan do not harm your site, but Goolag reports back on what it was able to hack into. “Google Hacking” is a form of vulnerability research and you can use this report to fix any vulnerabilities that might exist on your site.

The group behind Goolag call themselves CULT OF THE DEAD COW (cDc). A spokesman from cDc has this to say about their newest product:

“It’s no big secret that the Web is the platform”, said cDc spokesmodel, Oxblood Ruffin. “And this platform pretty much sucks from a security perspective. Goolag Scanner provides one more tool for Web site owners to patch up their online properties. We’ve seen some pretty scary holes through random tests with the scanner in North America, Europe, and the Middle East. If I were a government, a large corporation, or anyone with a big Web site, I’d be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious.”

Your encouraged to take a look at Goolag, especially if your building or running a website.