Google Hacking
Tips & tricks to master Google’s search engine.
What is Google Hacking?
Google hacking is basically using operators and keywords to narrow down search results. Some of the more popular examples are finding specific versions of vulnerable Web applications or finding corporate files with sensitive information. This technique is popular among penetration testers and power users, but I think it can be useful for everybody. You can get very specific results and make your workflow more efficient.
Advanced Search for Websites
For starters, there’s a really cool page called Google Advanced Search. This solution doesn’t require you to memorize search operators and keywords. You are presented with more fields rather than a single search box, where you can input your search criteria.
Advanced Search for Images
They didn’t forget about people, who like to search for images. This page is called Google Advanced Image Search. The only thing I miss here is that you can’t specify the exact image size. Other than that, it’s a great way to search for images that match certain criteria.
Advanced Querying
The following list is not going to be complete, but it’ll cover the most used search techniques.
Some facts to keep in mind:
- You can chain the operators and get more specific results.
- Google Search usually ignores punctuation that isn’t part of a search operator.
- Don’t put spaces between the symbol or word and your search term. A search for
site:nytimes.com
will work, butsite: nytimes.com
won’t.
Include words in URL
Use the inurl:hacking
to search for domains that include the word hacking.
Search for URL that has all specified words in it
You can do it like this: allinurl:hacked database
Search for titles
intitle:matesploit
means the word “metasploit” will be included in the title.
Search the body
You can search for multiple words in the page body with intext:"leaked database"
.
Search for files
I use this when I only need files. For example: hacking filetype:pdf
Search social media
Put @
in front of a word to search social media. For example: @twitter
.
Search for a price
Put $
in front of a number. For example: usb $400
.
Search hashtags
Put #
in front of a word. For example: #throwbackthursday
Exclude words from your search
Put -
in front of a word, you want to leave out. For example, jaguar speed -car
Search for an exact match
Put a word or phrase inside quotes. For example, "Reverse engineering"
.
Search for wildcards or unknown words
Put a *
in your word or phrase where you want to leave a placeholder. For example, "largest * in the world"
.
Search within a range of numbers
Put ..
between two numbers. For example, keyboard $50..$100
.
Combine searches
Put “OR
” or “AND
” between each search query. For example, marathon OR race
.
Search for a specific site
Put “site:
" in front of a site or domain. For example, site:youtube.com
or site:.gov
.
Search for related sites
Put “related:
" in front of a web address you already know. For example, related:time.com
.
Get details about a site
Put “info:
" in front of the site address.
See Google’s cached version of a site
Put “cache:
" in front of the site address.
Google Hacking Database
The best source for penetration testers is most definitely the Google Hacking Database. You can search in different categories for vulnerable servers, error messages, secret directories, etc… It’ definitely worth to check out.
Before you go
Thank you for taking the time to read my walkthrough. If you found it helpful, please hit the 👏 button 👏 (up to 50x) and share it to help others with similar interest find it! + Feedback is always welcome! 🙏