LegacyCollector

Home | Legacy Firefox Extensions | Content Policy | Contact

HackSearch

Author(s):



Why HackSearch ?

As part of our testing, we have seen that there are lots of webpages and files of websites that are indexed by google which are confidential and shouldn't be public. These stuff, available online, which even you might not be aware of can serve as reasons for malicious users to use it against you or hack into your website. The addon, HackSearch is made available so that all website owners can use it to discover the vulnerabilities themselves and use it to secure their websites.


How do I use it ?

Install HackSearch
Open up your website in the browser
Right click and select each of the options of HackSearch
Check every result that's shown ( Yes, it's a tedious job, but it is needed to secure your site ! )
See if there is any data that should NOT be made public
Ask your developer/network administrator to fix it


How do I interpret the results ?

  • No results should show any sensitive data such as credit card details or passwords.

  • If the results show usernames, address or any other confidential details of yours, your employees or those of your firm, you need to rethink if it really needs to be shown. Ask them not to post confidential stuff in public forums.

  • For any emails that show up in the search results, make sure you talk to your employees and friends to have a very strong password which is atleast 8 characters in length. Talk to them to change the password periodically.

  • If the results show webpages, files or subdomains that should NOT be shown, talk to your developer/network administrator to fix it. He could do it by updating robots.txt and .htaccess or even by removing unwanted files or pages.

  • Note: The data might still be available in google cache.

  • If you need to immediately get the data removed from google index or cache, please go to Google Support Pages.

  • If the domain health or information tabs of HackSearch show red flags or contain data that you dont seem to understand, dont worry. Just show it to your network administrator and he will help you out to fix it if there are any issues.


  • How do I add the button to Addon Bar ?

    Open Firefox
    Go to View >> AddonBar
    Shortcut: Alt+(VTA)


    How do I add the button to Toolbar ?

    Open Firefox
    Go to View >> Toolbars >> Customize
    Shortcut: Alt+(VTC)

    Download files:

    hacksearch-1.1.1-signed.1-signed.xpi




    This page is part of the LegacyCollector website.
    Disclaimer: All material on this site is property of their respective owners and available under
    open licenses to the best of our knowledge. If you are an author and would like anything removed,
    then please write an e-mail to legacy [at] collector dot org.