medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
541e4acd94e3d293596ce62b3617c8704086c9e5
the_information_nexus/tech_docs/google_dorking.md

4.7 KiB
Raw Blame History

Search Engine Dorking, also known as Google Dorking, involves using advanced search operators to uncover information that is not easily accessible through standard search queries. Heres a detailed guide to leveraging these operators for expert-level OSINT:

Key Search Operators

  1. site:

    • Limits search results to a specific site or domain.
    • Example: site:example.com - Searches only within example.com.
    • Use Case: Finding all indexed pages of a specific website, identifying potential information leaks.

  2. filetype:

    • Searches for specific file types.
    • Example: filetype:pdf - Finds PDF files.
    • Use Case: Locating publicly available documents like PDFs, DOCs, and XLSs that might contain valuable information.

  3. intitle:

    • Searches for pages with specific words in the title.
    • Example: intitle:admin - Finds pages with "admin" in the title.
    • Use Case: Identifying administration portals or login pages.

  4. inurl:

    • Searches for URLs containing specific words.
    • Example: inurl:login - Finds pages with "login" in the URL.
    • Use Case: Finding login pages, admin panels, or specific sections of a website.

  5. allintext:

    • Searches for pages containing specific words in the body text.
    • Example: allintext:username password - Finds pages containing both "username" and "password".
    • Use Case: Locating pages that might have sensitive information like configuration files or credentials.

  6. cache:

    • Views Google's cached version of a webpage.
    • Example: cache:example.com - Displays the cached page of example.com.
    • Use Case: Accessing content that might have been removed or modified on the live site.

  7. link:

    • Finds pages that link to a specific URL.
    • Example: link:example.com - Lists all pages linking to example.com.
    • Use Case: Understanding the backlink profile of a website.

  8. related:

    • Finds sites similar to a specified URL.
    • Example: related:example.com - Lists sites related to example.com.
    • Use Case: Identifying competitors or similar resources.

  9. " " (Quotation Marks)

    • Searches for an exact phrase.
    • Example: "admin login" - Finds pages with the exact phrase "admin login".
    • Use Case: Finding specific terms or phrases, reducing irrelevant results.

  10. - (Minus Sign)

    • Excludes specific words or sites from search results.
    • Example: site:example.com -inurl:blog - Searches within example.com but excludes results from the blog section.
    • Use Case: Filtering out unwanted results, focusing on more relevant data.

Combining Operators for Advanced Searches

  1. Finding Specific File Types on a Specific Site

    • site:example.com filetype:pdf
    • Example: Searches for PDF files on example.com.

  2. Locating Login Pages

    • inurl:login | intitle:login
    • Example: Finds pages that have "login" in the URL or title.

  3. Uncovering Sensitive Information

    • site:example.com intext:"confidential"
    • Example: Searches for pages containing the word "confidential" on example.com.

  4. Discovering Exposed Directories

    • intitle:"index of" "parent directory"
    • Example: Finds directory listings that might be exposed.

  5. Identifying Vulnerable Files

    • filetype:sql "password"
    • Example: Finds SQL files that contain the word "password".

Practical Applications

  1. Security Audits

    • Use dorking to identify exposed sensitive information and vulnerabilities in a websites configuration or content.

  2. Competitive Intelligence

    • Analyze competitor websites for publicly available documents, press releases, or hidden pages.

  3. Data Gathering

    • Collect publicly available information for research purposes, ensuring compliance with legal and ethical standards.

Best Practices

  • Ethical Considerations: Always ensure that your dorking activities do not violate laws or ethical guidelines.
  • Regular Updates: Stay updated with the latest changes in search engine algorithms and available operators.
  • Use Tools: Leverage tools like Google Dorks Database for pre-compiled dorks and Automate searches using scripts where permissible.
  • Analyze Metadata: Pay attention to metadata in found documents for additional insights.

Tools to Enhance Search Engine Dorking

  1. Google Dorks Database: A repository of known Google dorks for various use cases.
  2. Automated Scripts: Python or Bash scripts to automate and repeat complex queries.
  3. Browser Extensions: Tools like DorkMe for quick access to common dorks.

By mastering these operators and techniques, you can uncover a wealth of hidden information on the internet while adhering to responsible and ethical practices.