Hi, I'm considering the offensive security training courses, but to get some experience before hand I've been looking at some literature (some of it a bit dated ) which is available freely on the web and cheaply from bookstores. I've come across the suggestion of using scripting languages (python etc) to manipulate the Google API. Apparently a while back this was a widely respected technique for use in enumeration etc. From what I have read of the web API keys for this are not available anymore. Is this still a widely used technique or has google pretty much stamped on it?
I've read a bit about advanced Google stuff written by Johnny Long and it did seem quite frightening the amount of information google must have provided to malicious individuals in the past. Has this technique now diminished or is there still a lot of possibilities for google in pentesting?
can anyone advise on API keys and google in general?
I'm currently developing a new gooscan in Java, but I still do ugly ugly ugly html-parsing of the Google answer page without an API (google terms of service violation!). Never looked at the available API (Ajax API), but i thought it won't fit my needs
Gooscan only waits some time to do the next google query (avoiding the google sorry page).
Here's more about it: