To use a Google Dork, you simply type in a Dork into the search box on Google and press “Enter”. Here are some of the best Google Dork queries that you can use to search for information on Google.
intitle:"Index of" -inurl:(jsp|pl|php|html|aspx|htm|cf|shtml) -inurl:(listen77|mp3raid|mp3toss|mp3drug|index_of|wallywashis)
filetype:txt @gmail.com OR @yahoo.com OR @hotmail.com OR @aol.com
intitle:"Welcome to Windows 2000 Internet Services"
intitle:"Index of" password.txt
intext:"phpMyAdmin" "running on" inurl:"main.php"
intitle:"index of" inurl:ftp
intitle:"index of" config.yml
intitle:index of .git
intitle:"index of" password OR passcode OR passphrase OR keyfile
intitle:"mongodb status" intext:"topologyVersion"
intitle:"open network devices"
intitle:"Apache Tomcat" intext:"If you're seeing this, you've successfully installed Tomcat"
intitle:"index of" /admin
intitle:"index of" error.log
intitle:"Kibana" intext:"Welcome to Elastic"
intitle:"Device name" inurl:home.htm
intitle:"Remote Desktop Web Connection"
intitle:"Firebase Console - Projects"
inurl:"/user/login" "Powered by Drupal"
A Google Dork is a search query that looks for specific information on Google’s search engine. Google Dorks are developed and published by hackers and are often used in “Google Hacking”.
Google Dorks are extremely powerful. They allow you to search for a wide variety of information on the internet and can be used to find information that you didn’t even know existed.
Because of the power of Google Dorks, they are often used by hackers to find information about their victims or to find information that can be used to exploit vulnerabilities in websites and web applications.
Google Search Engine is designed to crawl anything over the internet and this helps us to find images, text, videos, news and plethora of information sources. With it’s tremendous capability to crawl, it indexes data along the way, which also includes sensitive information like email addresses, login credentials, sensitive files, website vulnerabilities, and even financial information. In many cases,
We as a user won’t be even aware of it.
Google search service is never intended to gain unauthorised access of data but nothing can be done if we ourselves kept data in the open and do not follow proper security mechanisms.
Essentially emails, username, passwords, financial data and etc. shouldn’t be available in public until and unless it’s meant to be. Example, our details with the bank are never expected to be available in a google search. But our social media details are available in public because we ourselves allowed it.
Google Search is very useful as well as equally harmful at the same time. Because it indexes everything available over the web.
You need to follow proper security mechanisms and prevent systems to expose sensitive data. Follow OWASP, it provides standard awareness document for developers and web application security.
Note: By no means Box Piper supports hacking. This article is written to provide relevant information only. Always adhering to Data Privacy and Security.