Google Dorks (Information Gathering)
Google Dorks, Google is a search engine used to find text, images,
videos, and news and what not.? However, in the world of InfoSec
google is an interesting information gathering tool. Google can also
be used to find sensitive information. As we all know google is a
powerful search engine and can index billions of website which is
handy for an individual to easily use its feature.
Google dork referred to as a query, it is a search string that uses
advanced search operators or filters to gather information that is not
easily available on the internet. Google dork is also considered as an
illegal google hacking activity that hackers frequently use for
malicious purposes. In other terms, we can say Google Dork is used
to find vulnerabilities in servers, websites and disclose secret
information buried deep in enormous databases available online.
What are the Information we can find using Google Dorks?
• Admin login pages
• Usernames and passwords
• Vulnerable entities
• Sensitive documents
• Government/military data
• Email lists
• Bank account details and more
Let’s do some Dorking by advanced search operators:
intitle: It searches for strings in the title of the page or is used to
search for various keywords inside the title. For example, if you type into Google intitle:”abc” then Google will
search various keywords inside the title. Most web browsers display
the title of a document on the top title bar of the browser window.
site: It will list out the information of particular websites only.For example, if you type into Google site:abc.com then Google will tell you the content it knows about the website. It works for any
Inurl: Google will only return results where the search words
are included in the URL. This will often sharply reduce search
volume and can be handy for finding potential direct
competitors. This operator requires no other search arguments.
For example, if you type into Google inurl:abc then Google will only
return results where the search words are included in the URL.
filetype: This operator instructs Google to search only within
the text of a specific type of file. This operator requires an
additional search argument.For example, if you type into Google abc filetype:pdf or abc
filetype:ppt then it tells Google to return only results of, you guessed
it, a specific type of file.
location: It helps to find our requirement according to a specific
location.For example, if you type into Google location:India then it will show
the specific location which we were searching for.
date: It gives us results from the past according to the specified
month. For example, if you type into Google intitle:football date:3, then it
shows the result of the past 3 months.
Google virtually indexes everything connected to the internet, this
may include sensitive information of mis-configured services. This
can be useful as well as harmful depending upon the user. You need to
make sure that you do not log into these services, even if the
password is exposed, as this also could get you into trouble because
you don’t have permission.
If you are a cybersecurity enthusiast and wish to explore more in the
field of cybersecurity visit the official website Essential Infosec.