medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
the_information_nexus/tech_docs/google_dorking.md

4.7 KiB
Raw Permalink Blame History

Search Engine Dorking, also known as Google Dorking, involves using advanced search operators to uncover information that is not easily accessible through standard search queries. Heres a detailed guide to leveraging these operators for expert-level OSINT:

Key Search Operators

  1. site:

    • Limits search results to a specific site or domain.
    • Example: site:example.com - Searches only within example.com.
    • Use Case: Finding all indexed pages of a specific website, identifying potential information leaks.

  2. filetype:

    • Searches for specific file types.
    • Example: filetype:pdf - Finds PDF files.
    • Use Case: Locating publicly available documents like PDFs, DOCs, and XLSs that might contain valuable information.

  3. intitle:

    • Searches for pages with specific words in the title.
    • Example: intitle:admin - Finds pages with "admin" in the title.
    • Use Case: Identifying administration portals or login pages.

  4. inurl:

    • Searches for URLs containing specific words.
    • Example: inurl:login - Finds pages with "login" in the URL.
    • Use Case: Finding login pages, admin panels, or specific sections of a website.

  5. allintext:

    • Searches for pages containing specific words in the body text.
    • Example: allintext:username password - Finds pages containing both "username" and "password".
    • Use Case: Locating pages that might have sensitive information like configuration files or credentials.

  6. cache:

    • Views Google's cached version of a webpage.
    • Example: cache:example.com - Displays the cached page of example.com.
    • Use Case: Accessing content that might have been removed or modified on the live site.

  7. link:

    • Finds pages that link to a specific URL.
    • Example: link:example.com - Lists all pages linking to example.com.
    • Use Case: Understanding the backlink profile of a website.

  8. related:

    • Finds sites similar to a specified URL.
    • Example: related:example.com - Lists sites related to example.com.
    • Use Case: Identifying competitors or similar resources.

  9. " " (Quotation Marks)

    • Searches for an exact phrase.
    • Example: "admin login" - Finds pages with the exact phrase "admin login".
    • Use Case: Finding specific terms or phrases, reducing irrelevant results.

  10. - (Minus Sign)

    • Excludes specific words or sites from search results.
    • Example: site:example.com -inurl:blog - Searches within example.com but excludes results from the blog section.
    • Use Case: Filtering out unwanted results, focusing on more relevant data.

Combining Operators for Advanced Searches

  1. Finding Specific File Types on a Specific Site

    • site:example.com filetype:pdf
    • Example: Searches for PDF files on example.com.

  2. Locating Login Pages

    • inurl:login | intitle:login
    • Example: Finds pages that have "login" in the URL or title.

  3. Uncovering Sensitive Information

    • site:example.com intext:"confidential"
    • Example: Searches for pages containing the word "confidential" on example.com.

  4. Discovering Exposed Directories

    • intitle:"index of" "parent directory"
    • Example: Finds directory listings that might be exposed.

  5. Identifying Vulnerable Files

    • filetype:sql "password"
    • Example: Finds SQL files that contain the word "password".

Practical Applications

  1. Security Audits

    • Use dorking to identify exposed sensitive information and vulnerabilities in a websites configuration or content.

  2. Competitive Intelligence

    • Analyze competitor websites for publicly available documents, press releases, or hidden pages.

  3. Data Gathering

    • Collect publicly available information for research purposes, ensuring compliance with legal and ethical standards.

Best Practices

  • Ethical Considerations: Always ensure that your dorking activities do not violate laws or ethical guidelines.
  • Regular Updates: Stay updated with the latest changes in search engine algorithms and available operators.
  • Use Tools: Leverage tools like Google Dorks Database for pre-compiled dorks and Automate searches using scripts where permissible.
  • Analyze Metadata: Pay attention to metadata in found documents for additional insights.

Tools to Enhance Search Engine Dorking

  1. Google Dorks Database: A repository of known Google dorks for various use cases.
  2. Automated Scripts: Python or Bash scripts to automate and repeat complex queries.
  3. Browser Extensions: Tools like DorkMe for quick access to common dorks.

By mastering these operators and techniques, you can uncover a wealth of hidden information on the internet while adhering to responsible and ethical practices.