SlideShare a Scribd company logo

Google Hacking Basics

A
amiable_indian
TechnologyNews & Politics
1 of 32
Download to read offline
Google Hacking - The Basics Maniac
Hacking - The Basics • What exactly is Google Hacking? • Google Hacking involves using the Google search engine to identify vulnerabilities in websites.
Hacking - The Basics • Ok, so you use Google to find all of this stuff, but how do you? • Google supports a multitude of operators and modifiers that add a ton of power to google searching.
Hacking - The Basics • Mmmmmm....operators and modifiers! I want them!
Hacking - The Basics • cache: • Syntax: cache:URL [highlight] • The cache operator will search through google’s cache and return the results based on those documents. You can alternatively tell cache to highlight a word or phrase by adding it after the operator and URL.
Hacking - The Basics • link: • Syntax: link:URL • Sites that have a hyperlink to the URL specified will be returned in the search results.
Hacking - The Basics • related: • Syntax: related:URL • The related operator will return results that are “similar” to the page that was specified.
Hacking - The Basics • info: • Syntax: info:URL • This tag will give you the information that Google has on the given URL.
Hacking - The Basics • site: • Syntax: site:Domain • This modifier will restrict results to those sites within the domain given.
Hacking - The Basics • allintitle: • Syntax: allintitle: oper1 [oper2] [oper3] [etc..] • Google will restrict the results to those that have all of the words entered after the modifier within the title. NOTE: This modifier does not play well with others.
Hacking - The Basics • intitle: • Syntax: intitle:operator • Google will return only results that match the word or phrase entered after the modifier within the title of the page.
Hacking - The Basics • allinurl: • Syntax: allinurl: oper1 [oper2] [oper3] [etc...] • This modifier is similar to allintitle: in that it will use the rest of the query and look for all the words or phrases in the URL that was specified. NOTE: Also like allintitle:, this modifier doesn’t play well with others.
Hacking - The Basics • inurl: • Syntax: inurl:operator • Here is the single operator version of allinurl:. Will return anything that has the operator in the URL.
Hacking - The Basics • allintext: • Syntax: allintext: oper1 [oper2] [oper3] [etc...] • Just like not using any operators....
Hacking - The Basics • intext: • Syntax: intext:operator • Ok, ok, I’ll let you guess on this one.
Hacking - The Basics • Are you done yet? That seemed like a lot, and what the hell was with all the apple stuff? • Almost there. Now its time to start mixing and matching these modifiers and operators. • The four most commonly used will be intitle:, intext:, inurl:, and filetype: • Also note, you can use OR and + and - signs.
Hacking - The Basics • mixing in intext:, inurl:, and intitle: and looking for default drupal sites that haven’t been configured yet. • -inurl:drupal.org intext:quot;Welcome to your new Drupal-powered website.quot; intitle:drupal
Hacking - The Basics • quot;display printer statusquot; intitle:quot;Homequot;
Hacking - The Basics • Whoa! a Xerox printer!
Hacking - The Basics • quot;#mysql dumpquot; filetype:sql 21232f297a57a5a743894a0e4a801fc3 21232f297a57a5a743894a0e4a801fc3 is the MD5sum for admin
Hacking - The Basics • quot;Certificate Practice Statementquot; inurl:(PDF | DOC) CAs are the formal requests that are made to get a Digital Certificate.
Hacking - The Basics • quot;Network Vulnerability Assessment Reportquot;
Hacking - The Basics • quot;Thank you for your orderquot; +receipt filetype:pdf
Hacking - The Basics • quot;robots.txtquot; + quot;Disallow:quot; filetype:txt
Hacking - The Basics • quot;phpMyAdminquot; quot;running onquot; inurl:quot;main.phpquot;
Hacking - The Basics • quot;phone * * *quot; quot;address *quot; quot;e-mailquot; intitle:quot;curriculum vitaequot;
Hacking - The Basics • quot;social security numberquot; quot;phone * * *“ quot;address *quot; quot;e-mail *quot; intitle:quot;curriculum vitaequot; filetype:pdf site:.edu
Hacking - The Basics • ext:vmx vmx
Hacking - The Basics • filetype:QBW qbw
Hacking - The Basics • filetype:xls inurl:quot;email.xlsquot;
Hacking - The Basics • intitle:quot;Index ofquot; finances.xls
Hacking - The Basics • WOW! That was a lot of good finds! Where can I find more info on googlehacking? • http://johnny.ihackstuff.com

Recommended

Hacking
HackingHacking
HackingAshish Ranjan
 
Google Dorks
Google DorksGoogle Dorks
Google DorksAdhoura Academy
 
Google Dorks and SQL Injection
Google Dorks and SQL InjectionGoogle Dorks and SQL Injection
Google Dorks and SQL InjectionMudassir Hassan Khan
 
Spying On Google: Using Log File Analysis To Reveal Invaluable SEO Insights
Spying On Google: Using Log File Analysis To Reveal Invaluable SEO InsightsSpying On Google: Using Log File Analysis To Reveal Invaluable SEO Insights
Spying On Google: Using Log File Analysis To Reveal Invaluable SEO InsightsBristolSEO
 
Extreme Google
Extreme GoogleExtreme Google
Extreme Googlemlx
 
Demystifying google hacks
Demystifying google hacksDemystifying google hacks
Demystifying google hacksdarwinah retno
 
OER content interoperability for Wikimedia platforms (panel)
OER content interoperability for Wikimedia platforms (panel)OER content interoperability for Wikimedia platforms (panel)
OER content interoperability for Wikimedia platforms (panel)Mike Linksvayer
 
Customised Search With Google
Customised Search With GoogleCustomised Search With Google
Customised Search With GoogleDave Briggs
 

Recommended

Hacking
HackingHacking
HackingAshish Ranjan
 
Google Dorks
Google DorksGoogle Dorks
Google DorksAdhoura Academy
 
Google Dorks and SQL Injection
Google Dorks and SQL InjectionGoogle Dorks and SQL Injection
Google Dorks and SQL InjectionMudassir Hassan Khan
 
Spying On Google: Using Log File Analysis To Reveal Invaluable SEO Insights
Spying On Google: Using Log File Analysis To Reveal Invaluable SEO InsightsSpying On Google: Using Log File Analysis To Reveal Invaluable SEO Insights
Spying On Google: Using Log File Analysis To Reveal Invaluable SEO InsightsBristolSEO
 
Extreme Google
Extreme GoogleExtreme Google
Extreme Googlemlx
 
Demystifying google hacks
Demystifying google hacksDemystifying google hacks
Demystifying google hacksdarwinah retno
 
OER content interoperability for Wikimedia platforms (panel)
OER content interoperability for Wikimedia platforms (panel)OER content interoperability for Wikimedia platforms (panel)
OER content interoperability for Wikimedia platforms (panel)Mike Linksvayer
 
Customised Search With Google
Customised Search With GoogleCustomised Search With Google
Customised Search With GoogleDave Briggs
 
IQ Survival Guide - Google
IQ Survival Guide - GoogleIQ Survival Guide - Google
IQ Survival Guide - GoogleInterQuest Group
 
Introducing URL Shorteners
Introducing URL ShortenersIntroducing URL Shorteners
Introducing URL ShortenersSt. Petersburg College
 
Advanced Search Techniques In Google
Advanced Search Techniques In GoogleAdvanced Search Techniques In Google
Advanced Search Techniques In GoogleJerry Stovall
 
Google Search Techniques
Google Search TechniquesGoogle Search Techniques
Google Search TechniquesDuc Chau
 
Tornado
TornadoTornado
TornadoCristian Andreica
 
Re-using social media data
Re-using social media dataRe-using social media data
Re-using social media dataGlenn Jones
 
Web Scraping with PHP
Web Scraping with PHPWeb Scraping with PHP
Web Scraping with PHPMatthew Turland
 
The page and the desktop
The page and the desktopThe page and the desktop
The page and the desktopGlenn Jones
 
Effective Search via Google.
Effective Search via Google. Effective Search via Google.
Effective Search via Google. Kaushal Bhavsar
 
Scaling / optimizing search on netlog
Scaling / optimizing search on netlogScaling / optimizing search on netlog
Scaling / optimizing search on netlogremoved_8e0e1d901e47de676f36b9b89e06dc97
 
Explainable Machine Learning for Ranking Factors
Explainable Machine Learning for Ranking FactorsExplainable Machine Learning for Ranking Factors
Explainable Machine Learning for Ranking FactorsVincent Terrasi
 
24 b. ppt
24 b. ppt24 b. ppt
24 b. pptEscuela Superior de Deportes
 
Google search tips
Google search tipsGoogle search tips
Google search tipsYashwant Shet Talaulikar
 
Creating Linked Data 2/5 Semtech2011
Creating Linked Data 2/5 Semtech2011Creating Linked Data 2/5 Semtech2011
Creating Linked Data 2/5 Semtech2011Juan Sequeda
 
Indexing all the things: Building your search engine in python
Indexing all the things: Building your search engine in pythonIndexing all the things: Building your search engine in python
Indexing all the things: Building your search engine in pythonJoe Cabrera
 
[Tips] how to use google search efficiently
[Tips] how to use google search efficiently[Tips] how to use google search efficiently
[Tips] how to use google search efficientlySanjeev Kumar Jaiswal
 
Elastic search introduction
Elastic search introductionElastic search introduction
Elastic search introductionJackson dos Santos Olveira
 
Google and Google Scholar
Google and Google ScholarGoogle and Google Scholar
Google and Google Scholarjopitts
 
Rich Snippets چیست ؟نسخه PDF
Rich Snippets چیست ؟نسخه PDFRich Snippets چیست ؟نسخه PDF
Rich Snippets چیست ؟نسخه PDFseotrade.ir
 
20 great google secrets
20 great google secrets20 great google secrets
20 great google secretsVishal Gurujuwada
 
Google hacking 2015
Google hacking 2015Google hacking 2015
Google hacking 2015gopartheredbuff
 
CITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google HackingCITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google HackingPrathan Phongthiproek
 

More Related Content

What's hot

IQ Survival Guide - Google
IQ Survival Guide - GoogleIQ Survival Guide - Google
IQ Survival Guide - GoogleInterQuest Group
 
Advanced Search Techniques In Google
Advanced Search Techniques In GoogleAdvanced Search Techniques In Google
Advanced Search Techniques In GoogleJerry Stovall
 
Google Search Techniques
Google Search TechniquesGoogle Search Techniques
Google Search TechniquesDuc Chau
 
Re-using social media data
Re-using social media dataRe-using social media data
Re-using social media dataGlenn Jones
 
The page and the desktop
The page and the desktopThe page and the desktop
The page and the desktopGlenn Jones
 
Effective Search via Google.
Effective Search via Google. Effective Search via Google.
Effective Search via Google. Kaushal Bhavsar
 
Explainable Machine Learning for Ranking Factors
Explainable Machine Learning for Ranking FactorsExplainable Machine Learning for Ranking Factors
Explainable Machine Learning for Ranking FactorsVincent Terrasi
 
Creating Linked Data 2/5 Semtech2011
Creating Linked Data 2/5 Semtech2011Creating Linked Data 2/5 Semtech2011
Creating Linked Data 2/5 Semtech2011Juan Sequeda
 
Indexing all the things: Building your search engine in python
Indexing all the things: Building your search engine in pythonIndexing all the things: Building your search engine in python
Indexing all the things: Building your search engine in pythonJoe Cabrera
 
[Tips] how to use google search efficiently
[Tips] how to use google search efficiently[Tips] how to use google search efficiently
[Tips] how to use google search efficientlySanjeev Kumar Jaiswal
 
Google and Google Scholar
Google and Google ScholarGoogle and Google Scholar
Google and Google Scholarjopitts
 
Rich Snippets چیست ؟نسخه PDF
Rich Snippets چیست ؟نسخه PDFRich Snippets چیست ؟نسخه PDF
Rich Snippets چیست ؟نسخه PDFseotrade.ir
 

What's hot (20)

IQ Survival Guide - Google
IQ Survival Guide - GoogleIQ Survival Guide - Google
IQ Survival Guide - Google
 
Introducing URL Shorteners
Introducing URL ShortenersIntroducing URL Shorteners
Introducing URL Shorteners
 
Advanced Search Techniques In Google
Advanced Search Techniques In GoogleAdvanced Search Techniques In Google
Advanced Search Techniques In Google
 
Google Search Techniques
Google Search TechniquesGoogle Search Techniques
Google Search Techniques
 
Tornado
TornadoTornado
Tornado
 
Re-using social media data
Re-using social media dataRe-using social media data
Re-using social media data
 
Web Scraping with PHP
Web Scraping with PHPWeb Scraping with PHP
Web Scraping with PHP
 
The page and the desktop
The page and the desktopThe page and the desktop
The page and the desktop
 
Effective Search via Google.
Effective Search via Google. Effective Search via Google.
Effective Search via Google.
 
Scaling / optimizing search on netlog
Scaling / optimizing search on netlogScaling / optimizing search on netlog
Scaling / optimizing search on netlog
 
Explainable Machine Learning for Ranking Factors
Explainable Machine Learning for Ranking FactorsExplainable Machine Learning for Ranking Factors
Explainable Machine Learning for Ranking Factors
 
24 b. ppt
24 b. ppt24 b. ppt
24 b. ppt
 
Google search tips
Google search tipsGoogle search tips
Google search tips
 
Creating Linked Data 2/5 Semtech2011
Creating Linked Data 2/5 Semtech2011Creating Linked Data 2/5 Semtech2011
Creating Linked Data 2/5 Semtech2011
 
Indexing all the things: Building your search engine in python
Indexing all the things: Building your search engine in pythonIndexing all the things: Building your search engine in python
Indexing all the things: Building your search engine in python
 
[Tips] how to use google search efficiently
[Tips] how to use google search efficiently[Tips] how to use google search efficiently
[Tips] how to use google search efficiently
 
Elastic search introduction
Elastic search introductionElastic search introduction
Elastic search introduction
 
Google and Google Scholar
Google and Google ScholarGoogle and Google Scholar
Google and Google Scholar
 
Rich Snippets چیست ؟نسخه PDF
Rich Snippets چیست ؟نسخه PDFRich Snippets چیست ؟نسخه PDF
Rich Snippets چیست ؟نسخه PDF
 
20 great google secrets
20 great google secrets20 great google secrets
20 great google secrets
 

Viewers also liked

CITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google HackingCITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google HackingPrathan Phongthiproek
 
Google Hacking - Explorando falhas de dispotivos
Google Hacking - Explorando falhas de dispotivosGoogle Hacking - Explorando falhas de dispotivos
Google Hacking - Explorando falhas de dispotivosC H
 
Afceh 2.0 Final
Afceh 2.0 FinalAfceh 2.0 Final
Afceh 2.0 Finalmaheshojha
 
Segurança na Internet - Google Hacking
Segurança na Internet - Google HackingSegurança na Internet - Google Hacking
Segurança na Internet - Google HackingJoão Gabriel Lima
 
Conceitos e Leis sobre Cibercrimes - Lei Carolina Dieckmann 12.737/12
Conceitos e Leis sobre Cibercrimes - Lei Carolina Dieckmann 12.737/12 Conceitos e Leis sobre Cibercrimes - Lei Carolina Dieckmann 12.737/12
Conceitos e Leis sobre Cibercrimes - Lei Carolina Dieckmann 12.737/12 C H
 
The Web, The User and the Library (and why to get in between)
The Web, The User and the Library (and why to get in between)The Web, The User and the Library (and why to get in between)
The Web, The User and the Library (and why to get in between)Guus van den Brekel
 
TYPES OF HACKING
TYPES OF HACKINGTYPES OF HACKING
TYPES OF HACKINGSHERALI445
 
Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commonsamiable_indian
 
Circular Economy - And Open Source + Hacking As Paths To It
Circular Economy - And Open Source + Hacking As Paths To It Circular Economy - And Open Source + Hacking As Paths To It
Circular Economy - And Open Source + Hacking As Paths To It Lars Zimmermann
 
El Information Security Forum
El Information Security ForumEl Information Security Forum
El Information Security ForumConferencias FIST
 
Introdução à Shellscript
Introdução à ShellscriptIntrodução à Shellscript
Introdução à ShellscriptVinícius Hax
 
How To Be A Hacker
How To Be A HackerHow To Be A Hacker
How To Be A HackerPaul Tarjan
 
Athens Bullseye Meetup #1
Athens Bullseye Meetup #1Athens Bullseye Meetup #1
Athens Bullseye Meetup #1GrowthRocks
 
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the YearJeremiah Grossman
 

Viewers also liked (20)

Google hacking 2015
Google hacking 2015Google hacking 2015
Google hacking 2015
 
CITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google HackingCITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google Hacking
 
Google Hacking - Explorando falhas de dispotivos
Google Hacking - Explorando falhas de dispotivosGoogle Hacking - Explorando falhas de dispotivos
Google Hacking - Explorando falhas de dispotivos
 
Google Hack
Google HackGoogle Hack
Google Hack
 
Afceh 2.0 Final
Afceh 2.0 FinalAfceh 2.0 Final
Afceh 2.0 Final
 
Segurança na Internet - Google Hacking
Segurança na Internet - Google HackingSegurança na Internet - Google Hacking
Segurança na Internet - Google Hacking
 
Conceitos e Leis sobre Cibercrimes - Lei Carolina Dieckmann 12.737/12
Conceitos e Leis sobre Cibercrimes - Lei Carolina Dieckmann 12.737/12 Conceitos e Leis sobre Cibercrimes - Lei Carolina Dieckmann 12.737/12
Conceitos e Leis sobre Cibercrimes - Lei Carolina Dieckmann 12.737/12
 
The Web, The User and the Library (and why to get in between)
The Web, The User and the Library (and why to get in between)The Web, The User and the Library (and why to get in between)
The Web, The User and the Library (and why to get in between)
 
Phishing-Updated
Phishing-UpdatedPhishing-Updated
Phishing-Updated
 
TYPES OF HACKING
TYPES OF HACKINGTYPES OF HACKING
TYPES OF HACKING
 
Google as a Hacking Tool
Google as a Hacking ToolGoogle as a Hacking Tool
Google as a Hacking Tool
 
Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commons
 
Circular Economy - And Open Source + Hacking As Paths To It
Circular Economy - And Open Source + Hacking As Paths To It Circular Economy - And Open Source + Hacking As Paths To It
Circular Economy - And Open Source + Hacking As Paths To It
 
El Information Security Forum
El Information Security ForumEl Information Security Forum
El Information Security Forum
 
Google hacking
Google hackingGoogle hacking
Google hacking
 
Introdução à Shellscript
Introdução à ShellscriptIntrodução à Shellscript
Introdução à Shellscript
 
How To Be A Hacker
How To Be A HackerHow To Be A Hacker
How To Be A Hacker
 
Athens Bullseye Meetup #1
Athens Bullseye Meetup #1Athens Bullseye Meetup #1
Athens Bullseye Meetup #1
 
Hacking For Innovation Delhi
Hacking For Innovation DelhiHacking For Innovation Delhi
Hacking For Innovation Delhi
 
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
 

Similar to Google Hacking Basics

Perl web programming
Perl web programmingPerl web programming
Perl web programmingJohnny Pork
 
I've (probably) been using Google App Engine for a week longer than you have
I've (probably) been using Google App Engine for a week longer than you haveI've (probably) been using Google App Engine for a week longer than you have
I've (probably) been using Google App Engine for a week longer than you haveSimon Willison
 
Intro To Django
Intro To DjangoIntro To Django
Intro To DjangoUdi Bauman
 
Hiveminder - Everything but the Secret Sauce
Hiveminder - Everything but the Secret SauceHiveminder - Everything but the Secret Sauce
Hiveminder - Everything but the Secret SauceJesse Vincent
 
Beijing Perl Workshop 2008 Hiveminder Secret Sauce
Beijing Perl Workshop 2008 Hiveminder Secret SauceBeijing Perl Workshop 2008 Hiveminder Secret Sauce
Beijing Perl Workshop 2008 Hiveminder Secret SauceJesse Vincent
 
Kiran karnad rtc2014 ghdb-final
Kiran karnad rtc2014 ghdb-finalKiran karnad rtc2014 ghdb-final
Kiran karnad rtc2014 ghdb-finalRomania Testing
 
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech FestStatic Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech FestDenim Group
 
Jun Heider - Flex Application Profiling By Example
Jun Heider - Flex Application Profiling By ExampleJun Heider - Flex Application Profiling By Example
Jun Heider - Flex Application Profiling By Example360|Conferences
 
When To Use Ruby On Rails
When To Use Ruby On RailsWhen To Use Ruby On Rails
When To Use Ruby On Railsdosire
 
DevOps Fest 2019. Gianluca Arbezzano. DevOps never sleeps. What we learned fr...
DevOps Fest 2019. Gianluca Arbezzano. DevOps never sleeps. What we learned fr...DevOps Fest 2019. Gianluca Arbezzano. DevOps never sleeps. What we learned fr...
DevOps Fest 2019. Gianluca Arbezzano. DevOps never sleeps. What we learned fr...DevOps_Fest
 
Server Logs: After Excel Fails
Server Logs: After Excel FailsServer Logs: After Excel Fails
Server Logs: After Excel FailsOliver Mason
 
Administrators admin tips tricks and hacks presented by an ex-googler
Administrators admin tips tricks and hacks presented by an ex-googlerAdministrators admin tips tricks and hacks presented by an ex-googler
Administrators admin tips tricks and hacks presented by an ex-googlerzpurcey
 

Similar to Google Hacking Basics (20)

ki
kiki
ki
 
Google Hacking Basic
Google Hacking BasicGoogle Hacking Basic
Google Hacking Basic
 
Perl web programming
Perl web programmingPerl web programming
Perl web programming
 
I've (probably) been using Google App Engine for a week longer than you have
I've (probably) been using Google App Engine for a week longer than you haveI've (probably) been using Google App Engine for a week longer than you have
I've (probably) been using Google App Engine for a week longer than you have
 
Mojolicious
MojoliciousMojolicious
Mojolicious
 
Intro To Django
Intro To DjangoIntro To Django
Intro To Django
 
Hiveminder - Everything but the Secret Sauce
Hiveminder - Everything but the Secret SauceHiveminder - Everything but the Secret Sauce
Hiveminder - Everything but the Secret Sauce
 
Beijing Perl Workshop 2008 Hiveminder Secret Sauce
Beijing Perl Workshop 2008 Hiveminder Secret SauceBeijing Perl Workshop 2008 Hiveminder Secret Sauce
Beijing Perl Workshop 2008 Hiveminder Secret Sauce
 
Kiran karnad rtc2014 ghdb-final
Kiran karnad rtc2014 ghdb-finalKiran karnad rtc2014 ghdb-final
Kiran karnad rtc2014 ghdb-final
 
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech FestStatic Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
 
Jun Heider - Flex Application Profiling By Example
Jun Heider - Flex Application Profiling By ExampleJun Heider - Flex Application Profiling By Example
Jun Heider - Flex Application Profiling By Example
 
When To Use Ruby On Rails
When To Use Ruby On RailsWhen To Use Ruby On Rails
When To Use Ruby On Rails
 
Google App Engine
Google App EngineGoogle App Engine
Google App Engine
 
Sinatra
SinatraSinatra
Sinatra
 
Introduce Django
Introduce DjangoIntroduce Django
Introduce Django
 
groovy & grails - lecture 9
groovy & grails - lecture 9groovy & grails - lecture 9
groovy & grails - lecture 9
 
DevOps Fest 2019. Gianluca Arbezzano. DevOps never sleeps. What we learned fr...
DevOps Fest 2019. Gianluca Arbezzano. DevOps never sleeps. What we learned fr...DevOps Fest 2019. Gianluca Arbezzano. DevOps never sleeps. What we learned fr...
DevOps Fest 2019. Gianluca Arbezzano. DevOps never sleeps. What we learned fr...
 
Api Design
Api DesignApi Design
Api Design
 
Server Logs: After Excel Fails
Server Logs: After Excel FailsServer Logs: After Excel Fails
Server Logs: After Excel Fails
 
Administrators admin tips tricks and hacks presented by an ex-googler
Administrators admin tips tricks and hacks presented by an ex-googlerAdministrators admin tips tricks and hacks presented by an ex-googler
Administrators admin tips tricks and hacks presented by an ex-googler
 

More from amiable_indian

Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art amiable_indian
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentestersamiable_indian
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...amiable_indian
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CDamiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writersamiable_indian
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in Indiaamiable_indian
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyamiable_indian
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Codingamiable_indian
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learnedamiable_indian
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissectedamiable_indian
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunityamiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writersamiable_indian
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentationamiable_indian
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualizationamiable_indian
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization amiable_indian
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Timeamiable_indian
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics? amiable_indian
 
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-TellingNo Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Tellingamiable_indian
 

More from amiable_indian (20)

Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentesters
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Coding
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunity
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentation
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Time
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics?
 
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-TellingNo Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
 

Recently uploaded

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Recently uploaded (20)

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

Google Hacking Basics

  • 1. Google Hacking - The Basics Maniac
  • 2. Hacking - The Basics • What exactly is Google Hacking? • Google Hacking involves using the Google search engine to identify vulnerabilities in websites.
  • 3. Hacking - The Basics • Ok, so you use Google to find all of this stuff, but how do you? • Google supports a multitude of operators and modifiers that add a ton of power to google searching.
  • 4. Hacking - The Basics • Mmmmmm....operators and modifiers! I want them!
  • 5. Hacking - The Basics • cache: • Syntax: cache:URL [highlight] • The cache operator will search through google’s cache and return the results based on those documents. You can alternatively tell cache to highlight a word or phrase by adding it after the operator and URL.
  • 6. Hacking - The Basics • link: • Syntax: link:URL • Sites that have a hyperlink to the URL specified will be returned in the search results.
  • 7. Hacking - The Basics • related: • Syntax: related:URL • The related operator will return results that are “similar” to the page that was specified.
  • 8. Hacking - The Basics • info: • Syntax: info:URL • This tag will give you the information that Google has on the given URL.
  • 9. Hacking - The Basics • site: • Syntax: site:Domain • This modifier will restrict results to those sites within the domain given.
  • 10. Hacking - The Basics • allintitle: • Syntax: allintitle: oper1 [oper2] [oper3] [etc..] • Google will restrict the results to those that have all of the words entered after the modifier within the title. NOTE: This modifier does not play well with others.
  • 11. Hacking - The Basics • intitle: • Syntax: intitle:operator • Google will return only results that match the word or phrase entered after the modifier within the title of the page.
  • 12. Hacking - The Basics • allinurl: • Syntax: allinurl: oper1 [oper2] [oper3] [etc...] • This modifier is similar to allintitle: in that it will use the rest of the query and look for all the words or phrases in the URL that was specified. NOTE: Also like allintitle:, this modifier doesn’t play well with others.
  • 13. Hacking - The Basics • inurl: • Syntax: inurl:operator • Here is the single operator version of allinurl:. Will return anything that has the operator in the URL.
  • 14. Hacking - The Basics • allintext: • Syntax: allintext: oper1 [oper2] [oper3] [etc...] • Just like not using any operators....
  • 15. Hacking - The Basics • intext: • Syntax: intext:operator • Ok, ok, I’ll let you guess on this one.
  • 16. Hacking - The Basics • Are you done yet? That seemed like a lot, and what the hell was with all the apple stuff? • Almost there. Now its time to start mixing and matching these modifiers and operators. • The four most commonly used will be intitle:, intext:, inurl:, and filetype: • Also note, you can use OR and + and - signs.
  • 17. Hacking - The Basics • mixing in intext:, inurl:, and intitle: and looking for default drupal sites that haven’t been configured yet. • -inurl:drupal.org intext:quot;Welcome to your new Drupal-powered website.quot; intitle:drupal
  • 18. Hacking - The Basics • quot;display printer statusquot; intitle:quot;Homequot;
  • 19. Hacking - The Basics • Whoa! a Xerox printer!
  • 20. Hacking - The Basics • quot;#mysql dumpquot; filetype:sql 21232f297a57a5a743894a0e4a801fc3 21232f297a57a5a743894a0e4a801fc3 is the MD5sum for admin
  • 21. Hacking - The Basics • quot;Certificate Practice Statementquot; inurl:(PDF | DOC) CAs are the formal requests that are made to get a Digital Certificate.
  • 22. Hacking - The Basics • quot;Network Vulnerability Assessment Reportquot;
  • 23. Hacking - The Basics • quot;Thank you for your orderquot; +receipt filetype:pdf
  • 24. Hacking - The Basics • quot;robots.txtquot; + quot;Disallow:quot; filetype:txt
  • 25. Hacking - The Basics • quot;phpMyAdminquot; quot;running onquot; inurl:quot;main.phpquot;
  • 26. Hacking - The Basics • quot;phone * * *quot; quot;address *quot; quot;e-mailquot; intitle:quot;curriculum vitaequot;
  • 27. Hacking - The Basics • quot;social security numberquot; quot;phone * * *“ quot;address *quot; quot;e-mail *quot; intitle:quot;curriculum vitaequot; filetype:pdf site:.edu
  • 28. Hacking - The Basics • ext:vmx vmx
  • 29. Hacking - The Basics • filetype:QBW qbw
  • 30. Hacking - The Basics • filetype:xls inurl:quot;email.xlsquot;
  • 31. Hacking - The Basics • intitle:quot;Index ofquot; finances.xls
  • 32. Hacking - The Basics • WOW! That was a lot of good finds! Where can I find more info on googlehacking? • http://johnny.ihackstuff.com