Monitoring for New Zero Day Exploits through Google Alerts

In case you haven't read it, I previously posted a how-to for using Google Alerts to monitor for misuse of your personal information...

Misuse of Your Personal Information and Google Alerts

Today I'm going to expand on that post, and show how advanced Google search strings can be used to monitor for other things, such as when new zero day exploits are posted publicly to Pastebin.

For those not familiar with it, Pastebin is a large site which allows anyone to post large amounts of text.  One of the common uses for this site is the public disclosure of new vulnerabilities and exploits.

To leverage some of the more powerful features of Google, use advanced search syntax to narrow your search.  An excellent quick reference is available at Google Guide.

Using our previous method to create an "As it happens" alert, let's try writing a custom query which monitors for new exploits...

intext:exploit OR intext:vulnerability OR intext:"zero day" OR intext:"0day"
Further tweaking will allow you to target a specific software or manufacturer, such as...
intext:microsoft intext:exploit OR intext:vulnerability OR intext:"zero day" OR intext:"0day"

I have provided an example RSS feed for a wide zero day search here.

Of course, this won't give you up-to-the-minute searching of Pastebin, but it's better than not monitoring at all.

No comments:

Post a Comment