In this article I will explain in detail what Google Dorks 2020 are and how to use Google Dorks.
It's estimated that Google has downloaded more pages than any other search engine; statistics speak for more than a billion pages with a relatively low implementation time.
The popular search engine in California managed to satisfy all searches, whether for educational purposes or sheer curiosity.
Google dorks is a powerful tool available to everyone that can be very useful.
HOW TO USE GOOGLE DORKS?
By speaking a technical language, google dorks can be compared to specific queries that we can put in the popular search engine to get what we want.
The scope of dorks is very broad, in fact, through this tool we can find in any particular files of time on the web as pdf, mp3, files containing passwords and so on.
Google Dorking or Google Hacking means a set of advanced search technologies applied to Google, like other engines, that can also be used in the context of OSINT useful for:
- Localizing the information that institutions of any kind make available, albeit unintentionally, to the public;
- Revealing vulnerabilities for use in subsequent cyber attacks;
By performing specific searches, any attacker can show information such as usernames, passwords, email lists, "sensitive" documents, bank details and vulnerabilities on the website.
The power of these research technologies has prompted American "federalists" to post a notice on this issue in the summer of 2014.
The essence of this technique is a string of characters that includes advanced search operators (usually the "normal" user does not use) such as:
- site: filters results by returning only files or documents that are in a specific location or that belong to a specific domain;
- Title: Filter the results by returning only pages that contain a specific sentence in the title (like the title: index.of mp3);
- File type: Usually followed by extension (PDF, XLS, DOC, TIF) only displays files with the extension indicated in the results;
- intext: search for content that includes a specific keyword, narrow the search to the page’s text and ignore everything else;
How to use Google Dorks
Using google dorks is really simple, just go to google and write specific dork.
To give a real example, suppose we want to find all possible pdf directories on the abap programming language, if we write on the search engine the abap filetype: pdf directory we will get several pages that all contain pdf files.
With this type of search, we saved a lot of time, otherwise we had to move between pages to find different pdfs.
google dorks 2020
google dorking commands
google dorks cheat sheet
how to use google dorks
google dorks for credit cards
google dorking commands
google dorks cheat sheet
how to use google dorks
google dorks for credit cards
In the previous example, the user dork is filetype: tipofile, used to specify only webpages that have the extension files referenced immediately after the colon.
If we want to limit the search to Dante's sonnet containing "apparently very nice and honest" just type in the allintext search field: very nice and very honest
The Google dorks can also be used for peaceful purposes unless we say, that we can use the other fool to find such webpages that contain sensitive data.
If we write inurl: admin inurl: userlist then we will find pages that contain the words "admin" and "userlist" in their url, which generally lead to display access data.
Dangers of using google dorks
Obviously, this technology can return information that is usually difficult to find with simple "queries" and searches we do every day to find a restaurant or when the show starts.
In essence, "dorking" not only allows you to refine your search, but also allows anyone to access information that has not been disclosed and not sufficiently protected.
The information obtained may be used for illegal activities by malicious persons, for industrial espionage, identity theft or "electronic pursuit".
Accessing documents created to stay for internal use can lead to more sensitive information.
As we have seen, there are many operators available that can be used by assembling them, thereby increasing their power.
After a number of searches using Google Dorks, a CAPTCHA request from Google will appear.
This request aims to demonstrate that multiple requests from the same IP address are not from the work of "robots" but by humans.
For this problem as well, there are solutions like software packages that automate, optimize and engineer "Google Dorking" and avoid CAPTCHA requests using "proxy" technologies.
"Google Hacking Diggity Project" is very interesting in the area of search automation: on the page in the link, you will find all the information related to this powerful front end.
Report
