Foundstone, a subsidiary of McAfee, publishes software called SiteDigger. The publisher describes its purpose:
SiteDigger 2.0 searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.
The package is free for the download and all you need is a Google API key to run it. Obviously, if you’re responsible for any web site, the first thing you’re going to do is download this thing and run it against your site. The first thing you’re going to do if you’re trying to break into a site is download this tool and run it against a site you want to hit. I’m not sure which side the makers of this software fall on, especially after seeing that they describe exploits as "nuggets," a word usually associated with gold and something traded in by prospectors for currency.
The release and publicity of such a tool bring up an interesting ethical conundrum. If the software gets into the wrong hands, it could actually assist someone in breaking into a site. If it’s used by those responsible for security, it could help secure a site by pointing out holes that may have been overlooked.
Either way, it’s a nice way to drum up some consulting business.