Search google like a pro-HACKER : Top google hacks you must know!

Googling is a skill now days. Searching specific result in google is time consuming for a regular user but there are some great google hacking techniques which makes your life easier. Check out the blog for awesome google hacks.

CYBERSECURITY

2021-08-15 6 min read

Search google like a pro-HACKER - Top google hacks you must know!

Google dorks are the key to search google like a pro.

It saves a lot of time scrolling down pages and let us search specific content on google. It is also known as Google hacking.

For a regular user, google is a tool to search for photo videos, etc. But it is a great hacking tool for security researchers.

Well, google hacking doesn't mean you can hack websites through google but you can identify some sensitive information, usernames, vulnerabilities or files about the target using these dorks.

Important note: the information is publicly available on the Internet, it is advised to be used by Google on a legal basis, people with malicious intentions may use this sensitive information to damage your online assets.

Be aware that Google also knows everything when you try these dorks and other syntaxes. For reasons, you are advised to use google dorks with good intentions whether you are a regular user or a security researcher.

If you fire multiple requests within a short period containing these google dorks with sensitive search, Google will send out you a warning and may ask you to solve a Re-captcha challenge.

Most popular google dorks:

These information is for education purpose only. Usage of these information/Data/Tools/Techniques for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. The Computer Joker/Instructor/Owner assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purpose. The Computer Joker/Instructor do not support/promote hacking. For more details, head to our t&c page.

filetype

"filetype:" lets you find a file with a specific extension.

e.g. You want to download an ebook in pdf format you can google:

Hacker's handbook filetype: pdf

This will only show you the results of PDF files. Cool, isn't it?

filetype the computer joker

inurl

"inurl:" lets you find specific URLs containing the keywords you searching for.

e.g. You want to find all the pages containing a login function, google

inurl: login.php

site

'site:' lets you find specific content on a website.

e.g. You want to find a "how to start your career in cybersecurity" query on a specific website, you can google.

site: thecomputerjoker.com how to start your career in cybersecurity

site the computer joker

allintext

'allintext:' lets you find any keywords available on the website with exact texts.

e.g. You want to find any text, you can google,

allintext: the computer joker

allintext the computer joker

intitle

"intitle:"lets you find any keywords exactly matches the title of the available content on the internet.

e.g. You want to find any title, you can google,

intitle: thecomputerjoker


intitle the computer joker

practical examples to get the best out of google hacking.

These information is for education purpose only. Usage of these information/Data/Tools/Techniques for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. The Computer Joker/Instructor/Owner assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purpose. The Computer Joker/Instructor do not support/promote hacking. For more details, head to our t&c page.

ADMINPANEL

It is very crucial to find the login pages of the website and admin panels.

A simple query to find the admin panel is

Inurl: admin.php

If you want to find the admin panel of a specific website then

inurl: admin.php site: anysite.com

adminpanel the computer joker

log files

Log files may contain sensitive data about the application, system, users and other CMS frameworks. 

For this, we need to combine multiple dorks.

allintext:username filetype:log

This search will return us all the results of log files containing username as a text.

log the computer joker

email list

It's pretty much simple to find an email list on google with these dorks.

We are finding an excel file that contains email lists

filetype:xls inurl:"email.xls"

To find the list on a specific website, we need to add that website name in the search under Site operator.

site: thecomputerjoker.com filetype:xls inurl:"email.xls"

email the computer joker

live cameras

The following Google hacking techniques helps to fetch live camera web pages that are not restricted by IP.

intitle:”Live View / – AXIS”

inurl: /view.shtml

inurl:view/indexframe.shtml

live camera the computer joker

movie database

There are multiple OTT platforms such as Netflix, Prime Video, Disney+ Hostar available and subscribing to all these is costly so, you can use the following google hack to stream/download movies.

inurl: index of movies

intitle: index of movies

movies the computer joker

ebook download

If you want to learn something through the ebook then you don't need to scroll down pages for that you can simply follow the following technique to download/view your eBook in pdf format

filetype:pdf hackers handbook


ebook the computer joker

zoom meetings

Remember the time when the initial lockdown was imposed and people went on zoom. Many reported "zoom-bombing" where people were disrupting zoom meetings. Though now they have placed some restrictions on the same you still can find the meeting if the URL is shared.

inurl:zoom.us/j and intext: scheduled for


zoom the computer joker

database dumps

Sometimes the database is available on the internet due to false backup by the admin on the webserver and misconfigured system.

"index of" "database.sql.zip"

dumps the computer joker

wordpress admin

This is simple as finding a specific page. You can go following the google technique for the same. You can find the admin panel on a specific site by adding site: operator.

intitle:"Index of" wp-admin


wp admin the computer joker

phpmyadmin

phpMyAdmin can be found on the XAMPP server which is used to administrate the SQL database.

"Index of" inurl:PHPMyAdmin


phpmyadmin the computer joker

sql injection points

Most of the SQL injections are tend to be found on the id parameter. So, this is a helpful dork for cybersecurity beginners to find websites that may be vulnerable to SQL injection

Inurl: *.php?id=

sql points the computer joker

logical operators on google

and

AND or +

To find results that include two or more keywords

The + Computer joker

The AND computer joker

the + the computer joker

not

NOT or -

To find a result that excludes two or more keywords

the computer joker - hacking

the computer joker NOT hacking

not the computer joker

or

OR or |

To find a result that includes one or another keyword

the | computer joker

the OR computer joker

the computer joker OR

find exact match

Double quotes(")

To find an exact match

"the computer joker"

exact the computer joker

wild card guess

Asterisk (*)

To find a result that includes a single-word wildcard

the computer joker *

adminpanel the computer joker

how to keep your online asset safe?

Google hacking is nothing but a reconnaissance method to identify sensitive information available on the internet. This information could be available by misconfiguration or human error. This information could be used to discover potential vulnerabilities.

The most effective way to protect yourself against Google hacks is to make sure that you don’t have any sensitive/exposed files or pages.

You can search the google hacking database(GHDB) for all the updated google dorks.

Link: https://www.exploit-db.com

Thank you for reading!

If you want more content then please subscribe to our blog and follow us on our socials, this is will motivate us to publish more awesome content.


Start the free course now!

Entry Level Course combining all concepts above 

You can go for the course listed on our website as well. It is an beginner-level course(CCSA) where you can learn Cybersecurity from scratch. It is a FREE course for now and will be FREE forever!

Social

Contact

hi@thecomputerjoker.com

© copyrighted 2021. All Rights Reserved.