Searching vulnerable sites with Google

At http://sucuri.net/ we have a free online tool that allows you to scan any domain name for security issues. It is very simple and report web server versions, possible domain names being leaked, vulnerable web apps running, etc.

Lately, I noticed that “Google Bots” has been using our site and scanning thousand of hosts per day. You know what that means? Well, now you can google for vulnerable sites and it will show the results from our scanning tool. Just choose a vulnerable application (or version you are looking for) and restrict to site:http://sucuri.net.

For example:

1. Search Looking for all Nginx web servers
2. Search Looking for all Nginx web servers running version 0.4
3. Search for all sites powered by PHP
4. Search for sites leaking the WordPress internal path
5. Sites with their public DNS pointing to private IP addresses

Note that Google just started scanning us that way (a few days ago), so the number of reported sites is likely to increase a lot in the next weeks…

On a side note, there is a project called SHODAN that also allows you to search for web server versions and open ports. Their database is way larger than ours and based on the IP addresses (while our is per domain).