What Is Google Dorking And How To Use It

Table of Contents

Google has become synonymous with searching the web. Many of us use it on a daily basis but most regular users have no idea just how powerful its capabilities are. And you really, really should. Welcome to Google dorking.

What is Google Dorking?

Google dorking is basically just using advanced search syntax to reveal hidden information on public websites. It let’s you utilise Google to its full potential. It also works on other search engines like Google, Bing and Duck Duck Go.

This can be a good or very bad thing.

Google dorking can often reveal forgotten PDFs, documents and site pages that aren’t public facing but are still live and accessible if you know how to search for it.

For this reason, Google dorking can be used to reveal sensitive information that is available on public servers, such as email addresses, passwords, sensitive files and financial information. You can even find links to live security cameras that haven’t been password protected.

Google dorking is often used by journalists, security auditors and hackers.

Here’s an example. Let’s say I want to see what PDFs are live on a certain website. I can find that out by Googling:

filetype:pdf site:[Insert Site here]

Doing this with a company website recently revealed a weird genealogy relationship chart and a guide to amateur radio that had been uploaded to its servers by members at some point.

I also found another special interest PDF but won’t mention the topic as the document contained a person’s name, email address and phone number.

This is a great example of why Google Dorking can be so important for online security hygiene. It’s worth checking to make sure your personal information isn’t out there in a random PDF on a public site for anyone to grab.

It’s also an important lessons for companies and government organisations to learn – don’t store sensitive information on public facing sites and perhaps considering investing in penetration testing.

You should probably be careful

There is nothing illegal about Google dorking. After all, you’re just using search terms. However, accessing and downloading certain documents – particularly from government sites – could be.

And don’t forget that unless you’re going to extra lengths to hide your online activity, it’s not hard for tech companies and the authorities to figure out who you are. So don’t do anything dodgy or illegal.

Instead, we recommend using Google dorking to assess your own online vulnerabilities. See what’s out there about you and use that to fix your own personal or company security.

And as a general rule — don’t be a dick. If you ever find sensitive information through any means, including Google dorking, do the right thing and let the company or individual know.

Best Google Dorking searches

Google dorking can get quite complex and specific. But if you’re just starting out and want to test this out for yourself for honourable reasons only, here are some really basic and common Google dorking searches:

intitle: this finds word/s in the title of a page. Eg – intitle: gizmodo
inurl: this finds the word/s in the url of a site. Eg – inurl: “apple” site: gizmodo.com.au
intext: this finds a word or phrase in a web page. Eg: intext: “apple” site: gizmodo.com.au

allintext: this finds the word/s in the title of a page. Eg – allintext:contact site: gizmodo.com.au
filetype: this finds a specific file type, like PDF, docx, csv. Eg – filetype: pdf site: gov.au
Site: This restricts a search to a certain website like with some of the above examples. Eg – site:gizmodo.com.au filetype:pdf allintitle:confidential
Cache: This shows the cached copy of a site. Eg – cache: gizmodo.com.au

Now we have some of the basic operators, here are some useful searches you can do to check your own online security hygiene:

password filetype:[insert file type] site:[insert your website]
[Insert Your Name] filetype.pdf
[Insert Your Name] intext: [Insert a piece of personal information like your email address, home address or phone number]
password filetype:[Insert File Type, like PDF] site:[Insert your website]
IP: [insert your IP address]


                    
                Tags: Amazon Business Credit Card, American Airlines Business Class, Att Business Login, Austin Business Journal, Best Bank For Small Business, Best Business Bank Accounts, Best Business Schools In Us, Best Business To Start, British Airways Business Class, Business Attire Men, Business Card Ideas, Business Casual Shoes For Women, Business Continuity Planning, Business Entity Search, Business Letter Template, Business Management Degree, Business Manager Facebook, Business Plan Outline, Business School Rankings, Colorado Business Search, Delaware Business Entity Search, Drop Shipping Business, Family Business Bet, Fox Business Live, Georgia Sos Business Search, Google Business Account, Harvest Small Business Finance, How To Build Business Credit, Is Saturday A Business Day, Is Sears Still In Business, Microsoft 365 Business, My Business Google, Name Generator Business, None Of Your Business, Ny Sos Business Search, Open A Business Bank Account, Pa Business Search, Plus Size Business Casual, Pnc Business Banking, Sos Business Search Ca, Sunbiz Business Search, Taking Care Of Business, The Business Of Being Born, Turbotax Home And Business 2020, Tx Sos Business Search, Venmo For Business, Verizon Business Plans, Virtual Address For Business, What Are Business Days, Women Business Casual            
                
	
		Continue Reading
		Previous How to Reduce the Cost of Servicing Your Car
Next Everything Everyone Should Know About E-commerce Business Insurance – 20 questions answered by POE Insurance Inc. for Amazon and Wayfair sellers

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30