Google Hacking
I take great joy in sharing this with you! You may be wondering, what is Google hacking? Is it possible to hack Google? Well it is in fact possible to hack one of their products, namely their search engine. The best part is, they aren't changing it any time soon. Remember when I say hack I mean 'do something clever in an unconventional and more efficient way.' So let discuss how it works.
Google searches
When you search something on google it takes your string of text and using a special algorithm it begins searching through servers looking for what you're asking for.
But imagine for a second that you could give more specific descriptions of your search. In your description you can specify what kind of file you want (pdf, xls, jpeg, ect), sites you specifically want to search (instead of every server out there), and so much more! So how would you go about this? Using a powerful tool Google programmed into their search engine.
Advanced operators
Advanced operators are your way of telling the web crawlers what your trying to narrow in on. For example if I wanted to find a specific type of file, let's say a pdf, I would enter filetype:pdf (notice there is no space). Then whatever it is I'm looking for in the file would be entered either before or after the query. Example: the book I want filetype:pdf
So you may be wondering what's the big deal with all of this? Who cares if I can find a specific file? Well some companies store their personal records on xls files. So just for kicks Google the following query: email name ssn filetype:xls. There have been a few times I have been able to see people's social security numbers for the companies I was contracted for. So for more specifics you would type email name ssn filetype:xls site:domainYourHacking.com and there you have it, you'll search only servers tied to that domain and find any xls file that contains the words "email name ssn"
So just a final bit of advice to help you on your journey, if there is ever a book you want just type in the title of the book followed by filetype:pdf and if it is stored on someone's web server you can download it for FREE. Your welcome!
In conclusion Google hacking is an incredibly powerful tool to find anything on web servers that weren't intended to be found. There is a book by Johnny Long titled "google hacking for penetration testers" check it out. Try using the PDF trick I told you to download it and read it for free!
**This comes from my blog thehackerjourney.wordpress.com **
Nice @thehackerjourney
Shot you an Upvote :)
I found this super interesting!
I'm glad you liked it. The book I mentioned is amazing and will change the way you use google forever.
Hi! This post has a Flesch-Kincaid grade level of 7.2 and reading ease of 75%. This puts the writing level on par with Tom Clancy and F. Scott Fitzgerald.