Goolag.org, CdC's new web data auditing tool, launches
Source: http://feeds.feedburner.com/~r/boingboing/iBag/~3/238000039/goolagorg.html
Oxblood Ruffin shares word that Cult of the Dead Cow just launched a large-scale scanner project, Goolag.org:
SECURITY ADVISORY: The following program may screw a large Internet search engine and make the Web a safer place.LUBBOCK, TX, February 20th – Today CULT OF THE DEAD COW (cDc), the world's most attractive hacker group, announced the release of Goolag Scanner, a Web auditing tool. Goolag Scanner enables everyone to audit his or her own Web site via Google. The scanner technology is based on "Google hacking", a form of vulnerability research developed by Johnny I Hack Stuff. He's a lovely fellow. Go buy him a drink.
"It's no big secret that the Web is the platform", said cDc spokesmodel, Oxblood Ruffin. "And this platform pretty much sucks from a security perspective. Goolag Scanner provides one more tool for Web site owners to patch up their online properties. We've seen some pretty scary holes through random tests with the scanner in North America, Europe, and the Middle East. If I were a government, a large corporation, or anyone with a big Web site, I'd be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious."
Goolag Scanner will be released open source under the GNU Affero General Public license. It is dedicated to the memory of Wau Holland, founder of the Chaos Computer Club, and a true champion of privacy rights and social justice.
GOOLAG SCANNER FUNCTIONS AND FEATURES
GoolagScan is a standalone windows GUI based application.
* Configuration. gS uses one xml-based configuration file for its settings.
* Data-House-holding. All dorks coming with the distribution of gS are kept inside one file.