The main aim of writing this blog is to get you all familiar with Google Dorking, its importance in OSINT and possible use cases.
Before starting learning about Google Dorking, let’s get familiar with Search Engines, how they works.
Search Engines are software(usually web applications) that are accessed via internet that searches a database of information according to the user’s query. Consider these to be like a digital version of Librarian. Google, Yahoo, Bing, etc. are good examples of search engines.
Their are different number of types of search engines ranging from general search engines like Google, Yahoo which we use in everyday life to People Search Engine like Spokeo, Been Verified, etc. We will learn about these in upcoming blogs.
How Does Search Engines Work?
There are three main functions of search engine which decides if the search engine is of good use or just a waste of time and these are following-
- Crawling -
Every search engines has a crawler of its own which we usually call crawl bot like Google have google-bot, Bing has bing-bot. Similarly, every general search engine has its own crawler bot. These bots keeps crawling for discovering new website, new webpages and new contents on existing website and web pages. These are the ones who are responsible for discovering all kinds of data from the internet.
- Indexing -
Once crawler bots crawl a new website, web page or new content on existing websites, it’s the the time to index that data in the database. This is the process where decisions related to index are taken. It decides for which keywords which content and website would be displayed and in what order.
- Query -
Now, whenever a user enters any text on search engine, the search engine searches for those keywords in their database, it tries to find the most suitable results from the database and displays it to user. Querying seems to simple from user side but their is a lot of work done in the background like deciding which content is best suited, which website should be indexed at what number and many more.
Now, as we have understood the working procedure of search engines, let’s understand about Dorking.
Dorking is a approach where search operators are used for identifying confidential information or for reducing unnecessary information. It’s mostly used by hacker’s and cybersecurity experts but it has wide use cases across all industries. For example, in OSINT, we use it to eliminate search results which are un related to our search or less useful.
What are Google Dorks?
Google Dorks, also known as Google Dorking or Google Hacking is a hacking technique which is used to find the best desired search results without wasting time in exploring google for required information. Normally, google dorks is used by researchers or hackers to find critical information about a company, individual, a software or app, a research topic or anything else. But a normal person can also use google dorks in many places and can save time and will definitely get better information.
It is a specialized case of Dorking where we use Dorking for Google. Their exists dorks for other search engines too like Bing Dorks, Shodan Dorks, etc.
How Google Dorks?
As you all know, Google crawls almost all websites and indexes almost everything available on that website including some sensitive information. That simply means google exposes too much information about websites including the technologies used, username, passwords, and some other general vulnerabilities.
By using some simple techniques which we call google dorks, we are just exploring that sensitive information. Apart from this, by using google dorks, we can also help google to understand more about what search results we are expecting from google. Consider it like, by using dorks, we instructs Google to show us that required information only instead of showing a large number of search results.
Why we need Google Dorks?
Everyone uses google dorks for a different purpose. Below are some of the most common reasons for using google dorks -
- cybersecurity experts uses google dorks to find critical information which gets exposed by mistake or exposed by someone knowingly about anything so that they can later on hide or delete that so that no one can use that for any wrong purpose.
- researchers, content writers, journalists , etc. uses google dorks to gather all the information available on google about a particular topic so that they can use that information for reaching their own goals.
- students mainly uses google dorks to find answers to their questions which are from their textbook or asked by someone or for finding leaked versions of a course or a book for free.
- companies and their employees uses google dorks to gather information about their competitors and for finding honest reviews of their products or services so that they can use that information further for improving their products and services and which in results helps their company grow faster.
These are just most popular use cases, but the use of Google Dorks is widespread and not limited to these.
What can we find from Google Dorks?
Google dorks can be used to find a variety of information in many aspects but it mainly used to find the information described below -
- critical information of a website, company, organization, software
- blogs, articles, research papers, etc. on a particular topic
- leaked courses and eBooks
- reviews about a company, it’s product and about it’s services
- finding solutions of answers of textbook questions
Apart from these, there exist many other kinds of information which can be found via google dorks very easily.
That’s it for this blog, in next blog, we will be learning about how to use google dorks.
If i missed something, let me know, so we can cover that topic or point in upcoming blogs.