Google Code Search

On Thursday, Google launched a code search feature. Through Google Codesearch you can now search publicly accessible source code.

Code Search crawls and indexes publicly hosted archives (.tar.gz, .tar.bz2, .tar, and .zip) and CVS and Subversion repositories, making them searchable in one place.

It makes available areas of the web that have been perviously unsearched. It also allows folks to search for vulnerabilities in things like config files that have been inadvertently published publicly.

For example Jason Kottke points to several ways that Google Code Search has been used to find vulnerabilities. One example included WordPress config files that were left in open directories complete with logins and passwords exposed.