Google Hacking
About this tool
Uses advanced search operators (Google Dorks) to find juicy information about target websites.
Every penetration test should start with a passive reconnaissance phase. Since public search engines have gathered huge amounts of information about almost every website from the Internet, it is a good idea to make some queries and get this information from them. Very often you will find sensitive information or data that is not supposed to be public.
Google has a set of advanced search operators which can be used to find interesting information about a target website or domain.
Our tool aggregates a couple of useful search expressions (Google dorks) that you can use to extract 'juicy' data from Google. More Google dorks can be found here.
Your browser must allow popups.
Parameters
Target website/domain: As the name says, this is your target website or domain for which you are querying Google. When you specify a domain name (ex. adobe.com), Google will return results for all subdomains of adobe.com like repo.adobe.com, get.adobe.com, rmsdemo.adobe.com, etc.
How it works
The Google Hacking tool uses your browser to make requests to Google using specific search expressions (Google dorks) that can find interesting information about the target.