Google Dorking involves using advanced search operations in Google to search for specific keywords, file types, or website parameters. These operators can be combined to create more powerful search queries that can reveal information that would not be easily accessible otherwise.
These are some of the dorks who generally used more as compared to other dorks. Dorks are just not limited to this list, you can also make your own custom dork by innovating already existing dorks. For reference, you can visit Google Hacking Database.
Other Operators
Apart from the above-mentioned operator, there are also some logical operators which can be used to filter the search engine results according to the need. You will definitely get the stuff on seeing these operators. Here are these:
- OR: This self-explanatory operator searches for a given search term OR an equivalent term.
site:geeksforgeeks.org | site:www.geeksforgeeks.org
- AND: Similarly, this operator searches for a given search term AND an equivalent term.
site:geeksforgeeks.com & site:www.geeksforgeeks.org
- Search Term: This operator only looks for the precise phrase within speech marks.
"GeeksForGeeks POTD"
- Glob Pattern (*): This works best when you don’t know what goes on in the place of the asterisk(*).
site: *.geeksforgeeks.org
- Including Results: Will include the results.
site:linkedin.com +site:linkedin.*
- Exclude Results: Will exclude the results.
site:linkedin.* -site:linkedin.com
This is all about the operators which can be used apart from the dorks which doing a google search.
While Google Dorking can be used for legitimate purposes such as researching a website’s security vulnerabilities, hackers use this technique maliciously to find sensitive information such as usernames, passwords, and other potential information. As a result, it is important for website owners to secure their websites and avoid exposing sensitive information in publicly accessible directories.
In addition, internet users should also be careful about the information they share online and use strong, unique passwords for each of their online accounts to avoid falling victim to a cyber attack.
Overall, Google Dorking is a powerful technique that can be used for both good and bad purposes. Website owners and internet users should be aware of its potential risks and take steps to protect themselves from any potential security breaches.
Prevention From Google Dorking
As an owner/developer, you will wish your website to be secure from google dorking. You can do so by following the below-mentioned stuff:
- Use Robots.txt: You may tell search engines not to index particular web pages or directories on your website using a robots.txt file. By doing this, you may be able to stop attackers from discovering weak points on your website. There are a lot of modifications that can be done to robots.txt. For ex:
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
// This meta tag will prevent all
robots from scanning your website
To get more insights about robots.txt, follow this GFG Article.
- Disable Directory Indexing: Web servers frequently permit directory crawling by default, allowing anybody to see a directory’s contents. You can stop it from happening by turning off directory indexing in your web server settings.
- Use a Firewall: You can use a WAF (Web Application Firewall) to enhance the security of your website. It will provide you with an extra layer of security.
- Use Access Control: You can use authentication or MFA (Multi-Factor Authentication) on the pages if you don’t want let anyone to have access. It will prevent unauthorized access to the website.
By following these methods, you can protect your website over the internet from google hackers, or better to say, google dorking.
Note: This article is only for educational purposes.
Please Login to comment...