In this post, You will learn how to gather passive information using the google dorks command and below is the video format of the post, Check it out 👇🏾
What are Google dorks ❓
A Google dork is an employee who unknowingly exposes sensitive corporate information on the Internet.
Accessing the exposed sensitive information using google search is called google hacking.
This kind of passive information gathering is also called “Footprinting”
According to me passive information gathering is very much important than active informationMOULIK
How Google hacking works
Google hacking is passive information gathering the information you are searching for will be probably publicly available on the Internet.
By just entering the right keyword (command) on the google search option will give you amazing information about the target you are searching for…
If you don’t know about Google hacking commands, don’t worry below are commands try it out
Example of google hacking
Let’s assume you are targeting techyrick.com and you want to access their contact form where you can find a SQL injection possibility.
Where this information is publicly available and therefore gathering this sensitive information are not going to be active information gathering.
To search for SQL injection pages on a target just enter this command,
inurl: If you use the inurl keyword, Google search for those pages that have the search terms you specify in the URL of the page.
site: Only search on the particular site here it is techyrick.com
Google dorks command or Google hacking
Example1: File type
If you are searching for a particular file in a target site then you should enter this command that is the file type.
Most cybersecurity experts will search for xls or pdf files in target sites.
Here I am using .gov so, I can see results as .gov domains.
If you use the intext keyword, Google finds your search to those pages that have the search terms you specify in the text of the page.
If you use the intitle keyword, Google finds your search to those pages that have the search terms you specify in the title of the page.
intitle: trump site: .gov
If you use the inurl keyword, Google finds your search to those pages that have the search terms you specify in the URL of the page.
Example5: Finding sites prone to sql attacks
Many PHP applications are vulnerable to SQL injection and other attacks. We can look for these types of web applications with: inurl:index.php?id
In conclusion, the google search engine is a hackers tool and only by using google search we can get a lot of passive information.
I think this blog post will be helpful for you, Please share and sub to my YT channel will be techfantasy
Also Read: Information gathering using smbmap