Google's newest use: finding vulnerabilities

"Hacktivist" group Cult of the Dead Cow (cDc) began offering a software tool that scans for security flaws in Web sites by exploiting Google's omnipresence.

Goolag Scanner was developed by John Long, who is a published author and early pioneer in the Google Hacking tehnique. He is also a self-proclaimed "Christian Hacker" that often does his work for charity.

The freely downloadable standalone application for Windows lets people check domains for exploitable weaknesses. It uses one XML-based configuration file for its settings.

Many prominent sites, the cDc reports, have "unsettling" vulnerabilities, which it says could be easily fixed once Goolag locates them.