Google Dorks
Google Dorks
Google is a powerful tool for reconnaissance. It is also a great way to find sensitive information online using what’s known as Google Dorks. Google Dorking, also known as Google Hacking, is a search technique that uses advanced search operators to find information on the internet that may not be available through standard search queries. It uses Google’s search algorithms to find specific text strings in search results. Notably, while the term “hacking” suggests an illicit activity, Google Dorking is entirely legal and often used by security professionals to identify vulnerabilities in their systems.
While Google Dorking can reveal sensitive information if it’s publicly accessible, using this technique doesn’t breach any laws or Google’s terms of service. This is how to hack with Google.
Different Google Dorking Techniques
Google Dorking techniques primarily involve using specific search operators. Below are some of the most commonly used methods:
- Filetype: This operator searches for specific file types. For example, `filetype:pdf` would return PDF files.
- Inurl: The `inurl:` operator can be used to find specific words within the URL of a page. For example, `inurl:login` would return pages with ‘login’ in the URL.
- Intext: With the `intext:` operator, you can search for specific text within the content of a web page. For example, `intext:”password”` would yield pages that contain the word “password”.
- Intitle: The `intitle:` operator is used to search for specific terms in the title of a webpage. For example, `intitle:”index of”` could reveal web servers with directory listing enabled.
- Link: The `link:` operator can be used to find pages that link to a specific URL. For example, `link:example.com` would find pages linking to example.com.
- Site: The `site:` operator allows you to search within a specific site. For example, `site:example.com` would search within example.com.
These techniques are powerful tools for information gathering and should be used responsibly. While Google Dorking is legal and can be used for legitimate research and security purposes, misuse can violate privacy and potentially be illegal.
The Google Hacking Database
The Google Hacking Database (GHDB) is a collection of Google search queries, or “Google Dorks”, that are organized into categories to help cybersecurity professionals identify potential vulnerabilities. The database was created in 2004 by cybersecurity researcher Johnny Long, who began collecting Google search queries in 2002 that uncovered sensitive information or vulnerable systems.
Attackers use the GHDB as a tool for advanced Google searching and information gathering. For example, the wildcard operator (*) can be used to search for variable words in a phrase, and the Site: operator can be used to find results on a specific website or domain.
Google Dorking can also return information that isn’t intended for public viewing.
Fast Finds
intitle:”hacked by” inurl:upload
inurl:/admin/login.php intitle:(“Iniciar sesion” OR “hacked”)
intitle:”(SSI Web Shell)” AND intext:”(ls -al)”
s3 site:amazonaws.com filetype:xls password
inurl: document/d intext: ssn
Tyler Wall is the founder of Cyber NOW Education. He holds bills for a Master of Science from Purdue University and also CISSP, CCSK, CFSR, CEH, Sec+, Net+, and A+ certifications. He mastered the SOC after having held every position from analyst to architect and is the author of three books, 100+ professional articles, four online courses, and regularly holds webinars for new cybersecurity talent.
You can connect with him on LinkedIn.
To view my dozens of courses, visit my homepage and watch the trailers!
Become a Black Badge member of Cyber NOW® and enjoy all-access for life.
Check out my latest book, Jump-start Your SOC Analyst Career: A Roadmap to Cybersecurity Success, winner of the 2024 Cybersecurity Excellence Awards.
