Google as a search engine has indexed approx 5.5 billion web pages till date. While performing our daily searches, Google shows you the pages considered having “rich formats”.
In addition to crunching keywords into useful search results, Google also provides you with search operators to apply advanced filters to the search results you want to get.
Google dorks are queries consisting of advanced search operators to fetch precise results.
Google dorks can be used as a passive attack method, widely used by security enthusiasts to retrieve exploitable websites, frameworks. Application of Google dorks are endless, however, we should not use these techniques illicit and unethical activities.
Using google dorks is easy, just like using basic arithmetic operators to solve mathematical problems. Some popular/most-used google dorks operators are :
intitle:”face of vocuzi”
Intitle operator restricts the results to pages having substring “face of vocuzi” in their <title></title>. This dork along with other operators is often used to fetch indexed extension/framework version/readme files and login pages
inurl:”myproject/settings.py”
Inurl operator restricts the results to pages having substring “myproject/settings.py” in their URL. Often used to get files containing sensitive information.
site:vocuzi.in
Site operator is used to restricting results only to pages with source server “vocuzi.in”
filetype:pdf
Filetype operator used with a combination of other operators results in indexed files with extension “pdf”
A basic example using the above-mentioned dorks :
intitle:”Hacking with Google Dorks” inurl:blog site:vocuzi.in
This query will result in this post.
© 2021, All Rights Reserved · Vipin Joshi