What Is Google Dorking And How To Use It
Google has become synonymous with searching the web. Many of us use it on a daily basis but most regular users have no idea just how powerful its capabilities are. And you really, really should. Welcome to Google dorking.
Google dorking is basically just using advanced search syntax to reveal hidden information on public websites. It let’s you utilise Google to its full potential. It also works on other search engines like Google, Bing and Duck Duck Go.
This can be a good or very bad thing.
Google dorking can often reveal forgotten PDFs, documents and site pages that aren’t public facing but are still live and accessible if you know how to search for it.
For this reason, Google dorking can be used to reveal sensitive information that is available on public servers, such as email addresses, passwords, sensitive files and financial information. You can even find links to live security cameras that haven’t been password protected.
Google dorking is often used by journalists, security auditors and hackers.
Here’s an example. Let’s say I want to see what PDFs are live on a certain website. I can find that out by Googling:
filetype:pdf site:[Insert Site here]
Doing this with a company website recently revealed a weird genealogy relationship chart and a guide to amateur radio that had been uploaded to its servers by members at some point.