Google Hacking | Learn to Search Google for Sensitive Info!
Hacking Google Today? Really? No of course Not! Google Hacking is a term used when a hackers run customized queries against Google in a hope to find some targeted and sensitive info. These search queries are sometimes very simple but effective.
In this tutorial, we’ll be learning about some advanced Google searching options and filters. These Google Hacking commands will take your searching capabilities to next level.
Table of Contents [Quick Links]
Google Hacking For Searching a Website
When you find any website that don’t provide searching facility or any search box, you can try following Google Hacking search filter.
Of course, you have to remove himanshunegi.in with desired website name and any-keywords with search terms.
There are many search filters available for you to search any website. Following are few examples.
Google Commands for Better Searching
Quotation: If you are looking for an exact term or phrase then use quotation marks. Adding quotation can help you reveal some interesting and exact search result. Example: “I love Google Hacking”.
filetype: Are you looking for PPT or PDF or any specific type of file on Google? Just use the filetype: Google Search filter. Example: filetype:pdf Google Hacking.
definition: Looking for a definition? Well, try this keyword. Example: definition:Computer. In shorthand, define: can also be used instead of definition. Example: define:computer!
cache: Interested in seeing a deleted website or webpage. Try Google cache for any webpage when it doesn’t exist in reality. This command can be used to view blocked website. Eg: cache:example.com
link: Restricts the search to hypertext links in documents. It can be useful if you wish to find out how many sites link to a particular page. For eg, link:example.com
intitle: This will search for any of the words in the title of the web page.
allintitle: This command make sure that ALL words must be present in the title.
info: Finding more information about a website. Example: info:himanshunegi.in.
related: Shows related pages for a url
Try Some mixed-random commands:
- site:example.com filetype:pdf search-terms
- “intitle:index.of?mp3 eminem”
Google Hacking with Logical Operators
AND: If you wish to see only the search results that have both your keywords then you can search with AND. Example: Mars AND Moon.
OR: If you wish any of your keyword to be searched or both then you can try OR. Example: Mars OR Moon will return results for “Mars” or “Moon” or “Mars Moon”.
NOT: If you wish to exclude any term from Google search result then try NOT. Example: Mars NOT moon will return pages that have information about mars and will exclude results having keyword moon.
Tip: A + symbol can be used instead of AND, | for OR and – for NOT.
Example: Mars + Moon, Mars | Moon, Mars – Moon.
Google Hacking Trick to Find Online Camera’s
You’ll be surprised to see the number of online cameras that are not secured or are just open. You can freely watch them as no authorization is needed. Try the following Google Hacking command.
- intitle:”Live View / – AXIS”
Note: It might be illegal to watch these cams! So, be aware, I had already warned you!
Great Google Hacking Queries and Database
Here comes the best part, you’re going to find highly sensitive and confidential information using Google Hacking. Following websites have a great databases of such commands.
The Google Hacking Database (GHDB) is a database of queries that identify sensitive data.
How to Protect Against Google Hacking?
- Perform Google Hacking against yourself and verify that you aren’t vulnerable to Google Hacking.
- Use robots.txt file on your website to stop search engines from indexing your important and confidential pages. File- robots.txt is definitely not a safe method. In some cases it can be used against yourself to quickly find sensitive info about yourself.
- Hide important pages and documents behind login page (authentication).
- For safety purpose, confidential pages/info should be taken down.
- Don’t upload confidential pages/data on web server that are indexed by search engines.