Hacking with Google Dorks

Posted on : March 10, 2019, 8:32 a.m. Total Views : 168

What are Google Dorks?

Google as a search engine has indexed approx 5.5 billion web pages till date. While performing our daily searches, Google shows you the pages considered having “rich formats”.

In addition to crunching keywords into useful search results, Google also provides you with search operators to apply advanced filters to the search results you want to get.

Google dorks are queries consisting of advanced search operators to fetch precise results.


Why use Google Dorks?

Google dorks can be used as a passive attack method, widely used by security enthusiasts to retrieve exploitable websites, frameworks. Application of Google dorks are endless, however, we should not use these techniques illicit and unethical activities.


Getting started with Google Dorks

Using google dorks is easy, just like using basic arithmetic operators to solve mathematical problems. Some popular/most-used google dorks operators are :

intitle:”face of vocuzi”

Intitle operator restricts the results to pages having substring “face of vocuzi” in their <title></title>. This dork along with other operators is often used to fetch indexed extension/framework version/readme files and login pages

inurl:”myproject/settings.py”

Inurl operator restricts the results to pages having substring “myproject/settings.py” in their URL. Often used to get files containing sensitive information.

site:vocuzi.in

Site operator is used to restricting results only to pages with source server “vocuzi.in”

filetype:pdf

Filetype operator used with a combination of other operators results in indexed files with extension “pdf”

A basic example using the above-mentioned dorks :

intitle:”Hacking with Google Dorks” inurl:blog site:vocuzi.in

This query will result in this post.


Related Links :

Google Dorks on Wikipedia

Google Hacking Database

Vocuzi on GHDB

this is the end.