Scribd
Upload
35 views9 pages

Dork

Uploaded by

yashuop46
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
35 views9 pages

Dork

Uploaded by

yashuop46
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

Web Application Security

By –Prakash Khasor,
Assistant Professor(Cyber
Security),
National Forensic Sciences
University
GOOGLE DORK
⚫ Technique that uses Google Search and other Google
applications to find security holes in the configuration and
computer code that websites are using. Google dorking could
also be used for OSINT.
⚫ They are like search criteria in which a search engine returns
results related to your dork.

⚫ GHDB:-Google Hacking Database


Basic Syntax of Dork
⚫ Basic Syntax of Dork
"inurl:."domain"/"dorks" "Here,
“inurl” = input URL
“domain” = your target domain ex. .org
“dorks” = your dork of your choice

BASIC GUIDELINES TO USE GOOGLE OPERATORS

1.There should be no space between the operators, colon and the search as violating this rule
will not generate the desired result.
2.If the search term is a phrase then there should be no space between the operator, colon as
well as the first quote of the phrase.
3.Some advanced operators cannot be combined with others such as allintitle, allintext etc.
4.Boolean operators and special characters such as ‘OR’ and ‘+’ can be used in the queries
but they should not be placed in the way of the colon.
Google Search Operators
⚫ intitle:
This will ask google to show pages that have the term in
their html title.
⚫ inurl:
Searches for specified term in the URL. For example:
inurl:register.php
⚫ filetype:
Searched for certain file type. Example: filetype:pdf will
search for all the pdf files in the websites.
CONTINUE…
⚫ ext:
It works similar to filetype. Example: ext:pdf finds pdf
extension files.
⚫ intext:
This will search content of the page. This works
somewhat like plain google search
⚫ site:
This limits the search to a specific site only. Example:
site:[email protected] will limit search to only [email protected].
CONTINUE…
⚫ Cache:
This will show you cached version of any website.
Example: cache: aa.com
⚫ *
This works like a wildcard. Example: How to * sites,
will show you all the results like “how to…”
design/create/hack, etc… “sites”
Prevention….
⚫ Robots.txt
⚫ The following allows all robots to visit all files.
-”User-agent: *
Disallow:”

⚫ This entry will keep all robots out of all directories.

-”User-agent: *
Disallow: /.”
⚫ keep all robots out of the from specific Directory
“User-agent: *
Disallow: /report/”
⚫ “User-agent: googlebot
Disallow: /”
Example:
⚫ intitle:index of “.htaccess”

You might also like