While Google is for most of us just a search engine, for hackers it is a great tool to gather information and present the attack vector and first of steps against your organization.

The opposite side of Google as a search engine is that a lot of networks and organizations out there have no idea what kind information (classified and potentially dangerous) is presented out on the internet and how data leakage is accomplished that way. This leakage give a significant amounts of password files, confidential information, and configuration data and so on that can be easily found with ingenius queries.

After you read Google Hacking, volume 2, the real power and potential danger of Google is clearly understood. Author Johnny Long does a superb job by presenting insight information on how -not so fiendly - people out there but also penetration testers can use this knowledge and easily harvest information that has been gathered by the Google engine. He's wirting is great and keeps me interested the whole book and besides that he gives away plenty of interesting examples on how to built your own query.

So really worth buying!

Rob Faber , CISSP, CEH, MCTS, MCSE
Sr. Information Security Consultant
The Netherlands

In reading through this book, I found a wealth of information that was quite useful, most notably the links to all of the other tools, sites and techniques available on the web. I am an internal corporate web application pen tester for a financial institution and will certainly use the techniques described in this text in our next vulnerability assessment. I do have one complaint however in that the corresponding website for the text [...] does not have the code from the book. Overall a great book and a fun read. Highly recommended.

Very informative book, I've been using some of the knowledge I got in the book to improve my searches as well as to test the security of some of my company's web pages.

You name it someone may have left it in the wrong place. This text is a good reference for everyone interested in information security and honing their research abilities to a razor's edge. As Obijan says "know your target- get inside of his mind." Experts might scoff, but a handy reference. I use it to nail airline miles, among other things...in all honesty I have found some wild things using the standard techniques- really you need a guide on unraveling people's stupidity or, if you are feeling rather viscious lay a trap and hook it with cheese that has unexpected side effects. Fun for the whole family!

I work for a Forture 500 company that is upgrading intranet Search capability using Google Appliance. I bought this book to help determine what risks Google Appliance might expose. The book begins with good overview of the basic Google interface and includes tips for searching. I then expected to get the low-down on hacking using Google. What i discovered was somewhat anticlimactic, there really aren't any serious hacks to be had using Google. Obviously, you must be careful about web-content publishing processes. Also, Google is respectful of content you don't want crawled or exposed (using both Internet Search and intranet appliance).

The book is well-written and was a quick-read. Most of the info can be found online at Google website itself. I am glad i read the book cuz i got the warm-fuzzy i was looking for.

Syngress's "Google Hacking for Penetration Testers" (GHPT) by Johnny Long demonstrates to average Joes the power of Google. The author is the authority on how to use Google to recon an intended target. Considering the narrow focus of the subject, the book is able to thoroughly dissect the various tools and weapons Google offers. Certainly, this book is not admitting anything not already known in the hacking world, but the books does provide a valuable asset as a one-stop-shop at using Google.

First and foremost, before scouting a target, you must cover your tracks. GHPT first focuses on anonymity (I was particularly impressed with using Google as a proxy server on page 95). After masking yourself, the book focuses on network mapping, and locating exploitable targets. The book then offers 10 searches to find oodles of information that website owners probably don't want you to have. One chapter is devoted to tips to hunt usernames and passwords. Chapter 12, on automating Google Searches, was particularly valuable to me as I'm an extreme novice at scripting.

The book is written in a very simple, plain-spoken (or, more correctly, plain-written) style. While this book should not be the first book on one's security shelf, the subject cannot be any better defined than this book.

I give this book 4 pings out of 5:
!!!.!

It has everything you NEED to learn how to hack w/ using something as simple as Google. i never in my life would have thought you could get that much server info and vuln. info with just using Google. Johnny knows his stuff and this is a must have if you are a novice hacker that wants to stem-away from the title; "script-kiddie", this book will help you. Thanks to the authors for this great release.

Reconnaissance, reconnaissance, and some more reconnaissance! That is exactly what this book is all about. I won't recommend any serious reader to buy this book, as it does not benefit you from anything except amuse you with what can you do in your free time sitting in front of a search engine. I doubted the contents of this book even before buying this book, but due to IT consultant by profession, I overlooked my skeptic view and bought it. I have nothing against this book, but this book is addressed to the audience those who are already in IT field, and it does not teach you anything new for which you will shell our forty buck and read over 500 pages.

However, this can be a good book for some reference and to add in your computer room shelf, but it's just overpriced for the contents it has. Don't expect some great new stuff, it is just some stale information which you will find from internet for free anyway, and hey try to Google it!! ;).

I still think this book as hyped one which failed to deliver what it promises.