There are a series of security measures you can take that should help your Google account stay ... More
Google dorking is the use of advanced search operators to find specific information on the internet that might not be findable using standard search queries. Google dorking is also known as Google hacking — which is misleading, as it’s perfectly legal, and is often used by security professionals to find vulnerabilities in their organization's systems. However, the flip side if this is that the technique also allows hackers to access information that you'd rather remained private. This can include, for example, unsecured login portals or sensitive company documents. We look at the risks of Google dorking, and what you can do to stay safe.
What Is Google Dorking?
So named because they involve searching “like a dork,” Google Dorks were first introduced by computer security expert Johnny Long.
In 2002, Long started using custom queries to search for elements of websites that could be leveraged in cyberattacks. The list gradually expanded; and two years later, these queries were codified into the Google Hacking Database (GHDB) as a dictionary of queries designed to be used by penetration testers. However, it didn’t take long before cyber criminals were using the techniques, too, in order to unearth, for example, unprotected databases, server credentials or private documents that were not meant to be publicly accessible.
How Does Google Dorking Work?
Google dorking relies on the fact that when Google crawls the web to index pages for its search engine, it can see parts of websites that normal internet users can’t.
It allows searchers to use the advanced operators used for this by Google, together with keywords, to locate specific text strings within search results. But while the technique can be useful for anybody, it also offers distinct possibilities for hackers. Conversely, it’s also often used by security professionals to identify vulnerabilities in their systems. Google dorking doesn't require any great level of skill: it's simply a question of checking through a list of possible dorks and then following instructions.
Common Google Dorking Commands And Examples
There are literally thousands of Google dork commands, most perfectly innocuous and used simply to target searches more accurately, but some really only of use to security researchers or cyber criminals.
Some of the most widely-used dorks include:
- site:
- inurl:
- intitle:
- intext:
- filetype:
- cache:
- link:
Dorks can be linked together to create even more specific searches.
1. site:
Narrows results to a specific site or domain; for example, site:example.com searches only the example.com website.
2. inurl:
Finds pages that have the specified text in the URL; for example, inurl:dorking will find pages with “dorking” in the URL.
3. intitle:
Locates pages with the specified text in the title tag, for example intitle:advice.
4. intext:
Finds pages containing the exact phrase, for example: intext:John Smith.
5. filetype:
Returns results only of specific file types like PDFs, XLS or DOCX, for example: filetype:pdf
6. cache:
Finds cached versions of a web page, for example: cache:example.com
7. link:
Finds web pages that contain a link to a specific document, for example link:https://www.forbes.com/sites/technology/article/google-account-hacked/
Google Dorking Cybersecurity Risks
There’s nothing inherently bad about Google dorking: as we've seen, it can be a very useful tool for improving the accuracy of legitimate searches. It's also extremely helpful for penetration testers or ethical hackers aiming to improve the security of websites by looking for vulnerabilities.
However, it’s also used by the bad guys, with hackers using Google dorks to find sensitive data such as employee information or intellectual property. It can also be used to identify security vulnerabilities such as misconfigured servers, outdated software and unsecured databases. And it's worth remembering that leaving your website vulnerable, particularly if those vulnerabilities are exploited, can carry other risks too — for example, legal penalties and fines for compliance violations, or damage to your company's reputation.
How Can You Protect Your Data?
Those using Google dorking for nefarious purposes are generally after sensitive corporate information, or signs of cybersecurity vulnerabilities.
There are a number of ways to try and ensure that it doesn’t happen to you. These include the basic cyber security measures that you should be implementing across all your accounts, like limiting access to sensitive information, taking advantage of security tools and firewalls and using strong and unique passwords and two-factor authentication. Scan for vulnerabilities regularly, and use Google Search Console to delete sensitive websites from the results of public searches. Implement a tight Robust Robots.txt file, which instructs web robots about which pages on your site to crawl or ignore.
Bottom Line
Google dorking is a mixed blessing — on the one hand, it’s a useful tool for improving the effectiveness of online searches, but on the other it can form a mechanism for hackers to access private information. But there are a series of security measures you can take that should help your website stay secure.