Google Hacking or Google Dorks uses advanced search operators (Dorks) to find juicy information about target websites. For example finding specific versions of vulnerable Web applications. A search query with
intitle:admbook intitle:Fversion filetype:php would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, for example, “Powered by XOOPS 2.2.3 Final”.
Some special google search operators and how it functions:
This will ask google to show pages that have the term in their html title.
Searches for specified term in the URL. For example:inurl:register.php
Searched for certain file type. Example: filetype:pdfwill search for all the pdf files in the websites.
It works similar to filetype. Example: ext:pdf finds pdf extension files.
This will search content of the page. This works somewhat like plain google search
This limits the search to a specific site only. Example: site:firstname.lastname@example.org will limit search to only email@example.com.
This will show you cached version of any website. Example: cache: aa.com
This works like a wildcard. Example: How to * sites, will show you all the results like “how to…” design/create/hack, etc… “sites”
Basic Formula of Dork
“inurl” = input URL
“domain” = your desired domain ex. .gov
“dorks” = your dork of your choice
A simple example of a dork that does rely on an operator might be:
This googleDork will search https://tacticaltech.org for all PDF files hosted under that domain name.
Another example might look something like this:
If the search term contains multiple words, they should be surrounded by quotation marks:
intext:exposing intitle:“the invisible”
Dorks can also be paired with a general search term. For example:
exposing site:tacticaltech.org filetype:pdf
Here, “exposing” is the general search terms, and the operators “site” and “filetype” narrow down the results returned.