More fun with Google Code Search! [updated #5]

find a whole lot of valid email addresses

from the secure coding mailing list:
robert c. seacord points to the arbor blog, which discusses static analysis using this service:
http://asert.arbornetworks.com/2006/10/static-code-analysis-using-google-code-search/

robert also points to some searches from derek jones:
how many instances of:
if (…) ; are there out there (skip the first half dozen unusual macro uses)?
long long link

security holes in php web applications
“backdoor password” :)
gunnar peterson points to searching dtds

stephen de vries points to several cool searches:
xss in java apps
(obvious) sql injection in java apps
xss in code from o’reilly and sun

from the daily wtf, more light and fun searches:
http://thedailywtf.com/forums/thread/94630.aspx
fun!
very similar searches also bring interesting results, such as tbd or tbd security.

another regex search for xss
a regex for format strings
wsdl

a previous post on this subject, with other searches:
http://blogs.securiteam.com/index.php/archives/661

with:
user-supplied variable used in an opentextfile query
write unsanitized user input into a browser
disable warnings
cdonts, my new leetle fren
sql query one
sql query two
sql query three
sql query four
sql query five
crypto one
crypto two
old school one
old school two
old school three
random injection

and lev’s original post:
http://blogs.securiteam.com/index.php/archives/659

what’s your fav?

gadi evron,
ge@beyondsecurity.com.

Share