Google Dorks!!

Tanishq Sachin Shah
Jul 11, 2022

OSINT (Open Source Intelligence), which you probably already know well, is the practice of collecting information that is publicly available or published by people on social media. OSINT operations are practiced by IT security pros and malicious hackers alike; they use advanced techniques to search through the vast haystack of visible data to find the needles they’re looking for, achieve their goals, and learn information that many don’t realize is public.

Google hacking is a real thing that real hackers use, so the first question is: is it legal, or will the FBI be at your door? 😦

It is legit legal until you cross the line; don’t worry, you will learn where the line is. Before hacking, we try to discover as much as we can, which is referred to as recon, footprinting, or fingerprinting, because the more you know about your target, the better you can hack into it.
It is legal since we are using passive recon: simply searching for information that has been made publicly available, whether intentionally or unintentionally. For example, if someone left their webcam open to the internet or left their passwords exposed, we can find them by using basic Google search operators and tactics.

Now, when we search Google for coffee, we get a ton of results, but as hackers we don’t want all of that; we want to narrow it down.

Here come the Google search operators.

Let’s start with the operator site:. If I only want to search for coffee on Starbucks’ website, I’ll search coffee site:"starbucks.com" and the results will be narrowed down to the starbucks.com website; even the images displayed are from starbucks.com.

Let’s see what inurl: is capable of. inurl: searches for a particular term in a URL. Why would one use this? Because we can find something interesting that is hidden or vulnerable that we would not normally find. intext: is used to find the term in the body, and, as the name suggests, intitle: is used to search for a term in the title.

Now this is getting interesting; take a close look at the results and the URL. This is only the beginning, and it has already begun to show what it is capable of. Let’s dive in and learn about more operators, such as:

filetype: this is used to look for a certain file type; for example, filetype:pdf will search for all PDF files. Continuing in the style of our earlier example, we can use filetype:env / filetype:log / filetype:reg. An env file can reveal database credentials, a log file can give you some valuable information, and a reg file, well, you know the power of a registry file: it shows how Windows is configured.

Now, the highlighted section in the first picture is the limit that you read about at the beginning. Never go and try it without permission; be an ethical hacker: the good one 🙂

cache: this displays a cached version of any webpage, for example cache:techguy396.com.

Let’s look at a few live webcams. This may sound a little creepy, but have you ever wondered whether anyone on the internet could view your private live camera? Live camera web pages that are not IP-restricted can be found using Google hacking techniques. If you are clever enough to mess with Google dorks, you can not only watch but also remotely operate the entire admin panel and even reconfigure the cameras.

You’re right, you have to think first to be right; however, these are live webcams that we can expose.

Let’s explore open FTP servers. Internal information may be accidentally published as a result of a failure to set access rights on the FTP server. Even more harmful, if the FTP server is in “write” mode, the server may be used as “storage” for computer viruses and illegally copied files.

With the following dork, you will be able to easily explore publicly exposed FTP servers, which can sometimes reveal many things.

intitle:"index of" inurl:ftp

To search for a list of websites that use the HTTP protocol, you can simply type the following dork.

intitle:"index of" inurl:http after:2020

You can also be more specific and search for online forums that use HTTP by simply changing the text in the title search.

intitle:"forum" inurl:http after:2020

You can learn more about similar exploits by checking Exploit-DB.

Brain Tattoo :-

  • site:
  • inurl:
  • intext:
  • intitle:
  • filetype:
  • filetype:env — can reveal database credentials
  • filetype:log — can give you some valuable information
  • filetype:reg — can reveal registry settings
  • filetype:pdf — will search all pdf files.
  • cache:
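
To see what these operators would surface on a site you own before a search engine indexes it, here is an added example (not part of the original post) that evaluates a dork locally against a constructed inventory of crawled pages. The function names, the inventory format and the example.com hosts are assumptions; only the five matching operators from the list plus bare words are handled, as simple substring matches.

```python
import shlex
from urllib.parse import urlparse

OPERATORS = {"site", "inurl", "intext", "intitle", "filetype"}

# Constructed sample: pages from a crawl of a site you own (not real data).
INVENTORY = [
    {"url": "https://shop.example.com/menu/coffee", "title": "Coffee menu", "text": "coffee and tea"},
    {"url": "https://shop.example.com/backup/.env", "title": "", "text": "DB_PASSWORD=placeholder"},
    {"url": "http://files.example.com/ftp/", "title": "Index of /ftp", "text": "Parent Directory"},
    {"url": "https://shop.example.com/logs/app.log", "title": "", "text": "service started"},
]

def parse_dork(query):
    """Split a dork into (operator, value) pairs; bare words become 'any' terms."""
    terms = []
    for token in shlex.split(query):  # keeps intitle:"index of" as one token
        op, sep, value = token.partition(":")
        if sep and op in OPERATORS:
            terms.append((op, value.lower()))
        else:
            terms.append(("any", token.lower()))
    return terms

def matches(page, terms):
    """True when the page satisfies every term (terms are ANDed together)."""
    parsed = urlparse(page["url"])
    host, path = (parsed.hostname or "").lower(), parsed.path.lower()
    checks = {
        "site": lambda v: host == v or host.endswith("." + v),
        "inurl": lambda v: v in page["url"].lower(),
        "intext": lambda v: v in page["text"].lower(),
        "intitle": lambda v: v in page["title"].lower(),
        # Suffix test rather than os.path.splitext, which reports no extension for ".env".
        "filetype": lambda v: path.endswith("." + v),
        "any": lambda v: any(v in page[k].lower() for k in ("url", "title", "text")),
    }
    return all(checks[op](value) for op, value in terms)

def audit(query, inventory=INVENTORY):
    """Return the URLs in the inventory that the dork would surface."""
    terms = parse_dork(query)
    return [page["url"] for page in inventory if matches(page, terms)]

if __name__ == "__main__":
    for dork in ('intitle:"index of" inurl:ftp', "filetype:env", "filetype:log",
                 'coffee site:"shop.example.com"'):
        print(f"{dork!r:40} -> {audit(dork)}")
```

Anything `audit` returns for the filetype: or "index of" dorks is a page to take offline or put behind access control.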
