Cult of the Dead Cow (cDc) released a program and website called Goolag a few weeks ago, it provides an easy front end to running well known Google Dorks (Google hack strings) against your website to see if you have any of the common vulnerabilities indexed by Google. You can also find out quite a bit about your company's organization if you know what you're doing. It includes scans for server errors, well known files that contain password information, webcams, server errors, well known vulnerable files, and alot more. Unfortunately, the only binary available right now is for Windows but us Linux users can always just fire up a virtual machine and get it to work (it might work in Wine too, with a little tweaking). Its an interesting experiment in using Google to gather information about a target (of a LEGAL penetration test or vulnerability scan).
Must be logged in to post comments