Lecturer: Иo1lz Date: Nov. 24th, 2019
OUTLINE
- Are you a dork?
- Search Syntax
- Encore - Github Dork
Are you a dork?
Google Dorks = Google Dorking = Google Hacking
What is Google Hacking?
Simply to describe, the advance searching technique of google.
The practice of using Google to find vulnerable web applications and servers by using native Google search engine capabilities.
Unless you block specific website from your website using a robots.txt file, Google indexes all the information that is present on any website.
Before reading any further, be aware that Google will start blocking your connection if you connect from a single static IP. It will ask for captcha challenges to prevent automated queries.
![](https://securitytrails.com/images/1/0/c/2/6/10c26df932522598b6b523003b3b4321ac99f8b6-captcha-challenge.png)
Search Syntax
allintext
Search for specific text contained on any web page.
allintitle
Search for specific text contained on any web page that will show pages that contain titles with X characters
site
Show you the full list of all indexed URLs for the specified domain and subdomain
inurl
The same as allinurl, but it is only useful for one single keyword
filetype
Used to search for any kind of file extensions.
intitle
Used to search for various keywords inside the title.
intext
Useful to locate pages that contain certain characters or strings inside their text
inanchor
This is useful when you need to search for an exact anchor text used on any links
Keywords
password, login, admin, administrator, passwd, php, pdf, log, edu, root, db, database, account, auth, authenticate, index, access, ssh, xls, xml, jsp, ajax...
Welcome and visit the Google Hacking Database
ENCORE
Github Dork
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812749/截圖_2019-11-24_上午2.56.36.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812747/截圖_2019-11-24_上午2.55.32.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812751/截圖_2019-11-24_上午2.57.00.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812754/截圖_2019-11-24_上午2.58.08.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812750/截圖_2019-11-24_上午2.56.42.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812755/截圖_2019-11-24_上午2.58.33.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812750/截圖_2019-11-24_上午2.56.42.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812756/截圖_2019-11-24_上午2.58.52.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812756/截圖_2019-11-24_上午2.58.52.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812752/截圖_2019-11-24_上午2.57.29.png)
![](https://img.fundiscuss.com/201709/k3bwb5E0.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812753/截圖_2019-11-24_上午2.57.33.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/922310/images/6812748/截圖_2019-11-23_下午6.14.32.png)
Thanks for listening.
References
- vootpool, (2019), What is Google dorks? | Google Dorks list | Google hacking tool. Retrieved from https://www.vootpool.com/google-dorks-list/
- Exploit Database, (2019), Google Hacking Database. Retrieved from https://www.exploit-db.com/google-hacking-database
- Jack Yu|傑克, (2017, Oct. 17th), Google Hacking. Retrieved from https://yu-jack.github.io/2017/10/17/google-hacking/
- 梅興, (2009, May. 19th), Google Hacking. Retrieved from https://sls.weco.net/node/12922
- Security Trails Team, (2019, Mar. 5th), Exploring Google Hacking Techniques. Retrieved from https://securitytrails.com/blog/google-hacking-techniques
Especially Thanks
Subtitle
Google Dorks
By Иo1lz
Google Dorks
For SIRLA - This 15 Speech
- 245