Google-Hacking
Google Hacking/Google Dork
Summary
This is my notes.
Google Hacking
Google Hacking/Google Dork
What is Google Dork
A Google Dork/Google Dorking/Google hacking, is a valuable resource for security researchers. (Cp)
So, for me, it make task easier for pentester. Just using google search, we can obtain sensitive information or crucial data.
Google Dorks
- cache: this dork will show you the cached version of any website, e.g. cache: securitytrails.com
- allintext: searches for specific text contained on any web page, e.g. allintext: hacking tools
- allintitle: exactly the same as allintext, but will show pages that contain titles with X characters, e.g. allintitle:"Security Companies"
- allinurl: it can be used to fetch results whose URL contains all the specified characters, e.g: allinurl client area
- filetype: used to search for any kind of file extensions, for example, if you want to search for jpg files you can use: filetype: jpg
- inurl: this is exactly the same as allinurl, but it is only useful for one single keyword, e.g. inurl: admin
- intitle: used to search for various keywords inside the title, for example, intitle:security tools will search for titles beginning with “security” but “tools” can be somewhere else in the page.
- inanchor: this is useful when you need to search for an exact anchor text used on any links, e.g. inanchor:"cyber security"
- intext: useful to locate pages that contain certain characters or strings inside their text, e.g. intext:"safe internet"
- link: will show the list of web pages that have links to the specified URL, e.g. link: microsoft.com
- site: will show you the full list of all indexed URLs for the specified domain and subdomain, e.g. site:securitytrails.com
- *: wildcard used to search pages that contain “anything” before your word, e.g. how to * a website, will return “how to…” design/create/hack, etc… “a website”.
- |: this is a logical operator, e.g. "security" "tips" will show all the sites which contain “security” or “tips,” or both words.
- +: used to concatenate words, useful to detect pages that use more than one specific key, e.g. security + trails
- –: minus operator is used to avoiding showing results that contain certain words, e.g. security -trails will show pages that use “security” in their text, but not those that have the word “trails.”
© AdaniKamal