DEV Community

priyanka prasad
priyanka prasad

Posted on

All About Google Dorks

LocalHackDay

In this blog, you will get to know about google Dorking and some pro tips which I used to become the author of my own google dork.
What is Google Dorking?
Did you ever get into the situation when you are searching for the term and the result just contradicts the output? So the solution is “Dorking” there are some advanced google searching keywords/queries to find information that is not easily available on the websites & which helps you to get better/exact results which you want.
There is a hell lot of dorks available on GHDB (google hacking database) where you can find much sensitive information. But keep in mind Dorking is just an advanced search method you can’t hack or achieve anything big/great just by Dorking it just comes handy in the information gathering process(recon).
What can Google can do for a hacker?
— Search sensitive information like payroll, SIN, even the personal email box
— Vulnerabilities scanner
— Transparent proxy
Popular dorks
Image for post
Basic Formula of Dork
"inurl:."domain"/"dorks" "
Here,
“inurl” = input URL
“domain” = your desired domain ex. .gov
“dorks” = your dork of your choice
How to publish your own dorks?
when you got your desired google dork take for example — Dork:allintext:password filetype:log
you just need to mail to the dorks@offsec.com
with the subject "allintext:password filetype:log" as it is the dork you have mined with author name and description
you won't get any confirmation mail that your dork is published on google hacking database nut yes they publish it within a maximum of 1 day you need to check your name manually if it's published or not.
Image for post
Some measures to take!
Protect Your Data
— Keep patching your systems and applications
— Keep your sensitive data off the Web apply authentication — (RSA, Clienless VPN) — Disable directory browsing
— Consider removing your site from Google’s index: http://www.google.com/remove.html.
— Use a robots.txt file to against Web crawlers: http://www.robotstxt.org.
Some Pro tips to publish your own!
1 If you want to publish your own dork sometimes the similar search results also have a dork that is useful and isn't in the google hacking database.

Top comments (0)