|Occupation||Founder, Hackers for Charity|
Long is well known for his background in Google hacking, a process by which vulnerable servers on the Internet can be identified through specially constructed Google searches. He has gained fame as a prolific author and editor of numerous computer security books.
Career in computer securityEdit
Early in his career, in 1996, Long joined Computer Sciences Corporation and formed the corporation's vulnerability assessment team known as Strike Force. Following a short position at Ciphent as their chief scientist, Long now dedicates his time to the Hackers for Charity organization. He continues to provide talks at many well-publicized security events around the world. In recent years, Long has become a regular speaker at many annual security conferences including DEF CON, the Black Hat Briefings, ShmooCon, and Microsoft's BlueHat internal security conferences. Recently, his efforts to start the Hackers for Charity movement have gained notable press attention. His talks have ranged from Google hacking to how Hollywood portrays hackers in film.
Through his work with CSC's Strike Force, Johnny was an early pioneer in the field of Google hacking. Through specially crafted search queries it was possible to locate servers on the Internet running vulnerable software. It was equally possible to locate servers that held no security and were openly sharing personal identifiable information such as Social Security numbers and credit card numbers. These efforts grew into the creation of the Google Hacking Database, through which hundreds of Google hacking search terms are stored. The field of Google hacking has evolved over time to not just using Google to passively search for vulnerable servers, but to actually use Google search queries to attack servers.
Hackers for CharityEdit
In his latest endeavor, Johnny Long has created the Hackers for Charity non-profit organization. Known by its byline, "I Hack Charities", the organization collects computer and office equipment to donate to underdeveloped countries. Along with coordinating the donation of goods and supplies, Johnny lived in Uganda with his family for seven years full-time where they personally setup computer networks and helped build village infrastructures. In addition, they started a computer training center which provides free and low-cost technical training, a hackerspace, a restaurant and a leather working program all based in Jinja Uganda. Each of these projects are still running (as of May 2019). Each of these projects were funded by donations from the hacker community through fundraising efforts at various conferences.
Long is known to publicly pronounce his faith in Christianity. He begins and ends each of his presentations with information regarding Hackers for Charity and regularly donates proceeds from his books to help HFC.
Long has contributed to the following published works:
- Google Hacking for Penetration Testers, Syngress Publishing, 2004. ISBN 1-931836-36-1 (Author, book translated into five different languages)
- Aggressive Network Self-Defense, Syngress Publishing, 2005. ISBN 1-931836-20-5 (Author, Chapter 4, "A VPN Victim's Story: Jack's Smirking Revenge" with Neil Archibald.
- InfoSec Career Hacking, Syngress Publishing, 2005. ISBN 1-59749-011-3. (Author, Chapter 6, "No Place Like /home – Create an Attack Lab")
- Stealing the Network: How to Own an Identity, Syngress Publishing, 2005. ISBN 1-59749-006-7. (Technical Editor, Author, Chapter 7, "Death by a Thousand Cuts"; Chapter 10, "There's something else" with Anthony Kokocinski; and "Epilogue: The Chase")
- OS X For Hackers at Heart, Syngress Publishing, 2005. ISBN 1-59749-040-7 (Author, Chapter 2, "Automation" and Chapter 5, "Mac OS X for Pen Testers")
- Penetration Tester's Open Source Toolkit, Syngress Publishing, 2005. ISBN 1-59749-021-0 (Technical Editor, Author, "Running Nessus with Auditor")
- Stealing the Network: How to Own a Shadow, Syngress Publishing, 2007. ISBN 1-59749-081-4
- Google Talking, Syngress Publishing, 2007. ISBN 1-59749-055-5 (Technical Editor and Contributor)
- Techno Security's Guide to Managing Risks for IT Managers, Auditors and Investigators, Syngress Publishing, 2007 ISBN 1-59749-138-1. (Author, Chapter 8, "No-Tech Hacking")
- Asterisk Hacking, Syngress Publishing, 2007. ISBN 1-59749-151-9 (Technical Editor)
- Google Hacking for Penetration Testers, Volume 2, Syngress Publishing, 2007. ISBN 978-1-59749-176-1 (Author)
- TechnoSecurity's Guide to E-Discovery and Digital Forensics, Elsevier Publishing, 2007 ISBN 978-1-59749-223-2 (Author, "Death by 1000 cuts").
- No-Tech Hacking, Elsevier Publishing, 2008 ISBN 1-59749-215-9 (Author)