Have you guys heard about Google Hacking? Does this sound exciting to you? So let’s just deep dive into Google Dorks. Now, Google Dork, which is also known as Google Dorking or Google Hacking is a very important resource for security researchers. For most people, Google is just a search engine that helps to find videos, articles, games, images, news, and many more things. But for an infosec guy, Google is a useful hacking tool.
Google has tremendous web-crawling capabilities but you can’t hack sites using google directly. It indexes almost anything within your website, which includes sensitive information of that website including the information about the web technologies, username, passwords, and general vulnerabilities without the knowledge of the owner of the website.
Google Hacking sounds interesting and but it’s not actually hacking Google and you can’t do that. Dorks are termed as Google Hacking and this information is widely available on the internet and it is legal and encouraged to use by Google itself. People with the wrong intentions could use this to hark your online presence.
Some website owners expose sensitive information of their website on their own but that doesn’t mean it’s legal to take advantage or to exploit that information. This will come under cybercrime and you will be traced with the help of your IP address even if you are using VPN. Nothing is anonymous in this digital world.
Google Dork Operators
Google Search Engine has its own built-in query language and the same can be used to find files. It is also useful for finding information and many more information related to your rivals, can also be used to track individuals and also to discover web vulnerabilities.
Now we see some examples:
The below dork will show you the cached version of any website
cache:<example.com>This will search for specific text contained on any webpage.
allintext:hacking toolsThe below dork will search for various keywords inside the title.
intitle:hacking toolsWhat Google Dork can exactly do?
Now coming to the people which are not interested in hacking and just want to optimize the search results of their searching. So let’s just see this how can we do that.
Searching for a filetype
filetype:pdf optimization
filetype: doc | pdf | xls | rtf | xml | ppt | txtDorking for a specific link
link:www.example.comSome more examples of Dorking
Info This dork will show information about that particular webpage that google has.
info:www.example.comSite This will limit the search within the particular website
site:www.example.com hacking toolsInurl This will restrict the results to documents containing the search terms in their url.
inurl:example searchDefine
define:exampleRelated This will show the results matching the website mentioned.
related:www.example.comStocks Keywords mentioned in the stocks dork will be taken as the stock ticker symbol and as a result, it will show matching pages.
stocks:EXAMPLEConclusion
So as we have seen that Google Dorks can be very helpful in simple google searches and as well as for penetration testing and infosec guys. They can be used for unethical purposes as well. So it shouldn’t be done. This will cause consequences and you would become a cybercriminal. So use Dorking for productive purposes.
For more information on Google Dorks, click here.
