"In this era of web threats when more than 95% of computer crimes occur in or via the Internet, many anti-malware companies and other third-party organizations have developed automated systems to quickly capture related malcodes, domains, URLs, data, logs and clues, and create and deploy solutions for them as quickly as possible. Automated systems include but are not limited to spam traps, honeypots, honeynets and crawlers, and so on. With this current threat landscape taken into consideration and with its huge network of crawlers and a wide array of search capabilities, Google no doubt has found some benefit in venturing forth into developing anti-malware and computer security services. Previously, the Google API has had a free (though limited) offering to developers who would want to take advantage of Google's search powers. Now however, this has been shelved... So what can we outside Google do? Something however is still for free... and it is Google itself! Aside from the mainstream Google hacking, this paper describes and measures other techniques and projects on how Google can be used as a tool to discover malcodes, as well as threat and forensics intelligence that can help anti-malware researchers in their vigilance in hunting down web threats. "