Google Dorking: Operators, Examples, Threat Actors, and Defense


Added on  2022/11/15

Homework Assignment
AI Summary
This assignment provides a comprehensive overview of Google dorking, a computer hacking technique that uses Google search to identify security vulnerabilities. It begins by defining Google dorking and its core concept of using advanced search operators to find specific text strings. The assignment details various operators like allintext, allintitle, allinurl, and others, explaining their functionalities with examples. It then discusses how threat actors utilize Google dorking to exploit vulnerabilities, referencing real-world examples like SQL injection attacks. The assignment concludes with recommendations for mitigating Google dorking risks, such as proactive use of dorking techniques to identify vulnerabilities and reducing web presence. The content is supported by figures illustrating the use of different dork operators, and references are provided for further reading. This assignment is a valuable resource for students studying cybersecurity, providing a practical understanding of a common hacking method and defensive strategies.
Running head: GOOGLE DORKING
GOOGLE DORKING
Name of the Student:
Name of the University:
Author Note:
Table of Contents
What is google dorking?
Google dorking operators
Use of 4 dork operators
Use of google dorking by threat actors
Recommendations
References
What is google dorking?
Google hacking, also known as Google dorking, is a computer hacking method that primarily
uses the Google search engine and other Google software and applications to find security
loopholes in the code and configurations that websites use. The main concept
of Google hacking is to use advanced operators in the Google search engine to find particular
strings of text in the search results [1]. These operators act like Google’s own query
language.
Google dorking operators
Google dorking operators such as allintext, allintitle, allinurl, cache, filetype, inanchor,
intext, intitle, link, site, +, | and * are used to find specific web pages and URLs by
matching specific parts of their text through the Google search engine [2]. The allintext
operator searches for specific text on web pages. The allintitle operator works in the same
way as allintext but matches against the titles of web pages. The allinurl operator returns
pages whose URL matches the searched text. The cache operator shows the cached version of a
website. The filetype operator looks for files with a given extension. The inanchor operator
searches for exact matching anchor text used on links. The intext operator finds websites or
web pages that contain certain text. The intitle operator searches for keywords inside the
title. The link operator shows the web pages that link to the given URL. The site operator
shows all the indexed URLs of the given domain. The + operator joins several specific
keywords to find web pages. The | operator acts as a logical operator while searching. The *
operator is used to search for words with anything before the given word.
Use of 4 dork operators
1. Allintext: Searched “hacking tools” in google with this dork. Results as follows.
Figure 1 Source: created by author
2. Allintitle: Searched “Security companies” in google with this dork. Results as follows.
Figure 2 Source: created by author
3. Allinurl: Searched “client area” in google with this dork. Results as follows.
Figure 3 Source: created by author
4. +: Used the + operator to join two words “security” and “trails” and search on google.
Results as follows.
Figure 4 Source: created by author
Use of google dorking by threat actors
Google dorking can easily be used by threat actors to exploit SQL on Pastebin. More than
35000 websites were compromised in October 2013 in the United States due to Google
dorking or hacking. The cyber threat actors made offensive and defensive use of over
1600 previously created dork queries that used many advanced search operators. With the
Google dorking based SQL injection tool “Havij”, hacking has become so easy that even a
three-year-old child could be a successful hacker. Such is the ease of using Google dorks [1].
Recommendations
The recommendations to fight against Google dorking are:
1. The company or its users can themselves use Google dorking extensively to find exposed
areas of their organisation that are visible to hackers and nosy cybercriminals. Once all of
the web presence or visible material is found, that data can be wiped clean.
2. Reducing the web presence of the company and updating the enterprise software is another
way to combat Google dorking.
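An added example, not part of the original assignment: a small Python parser for the operators listed earlier, plus a scope check for the self-audit in recommendation 1 that rejects any audit query not pinned by site: to the organisation's own domains. The function names, the example.com domain and the sample queries are assumptions constructed for illustration.

```python
import re

# Operators from this document that are written as "name:value".
PREFIX_OPS = {"allintext", "allintitle", "allinurl", "cache", "filetype",
              "inanchor", "intext", "intitle", "link", "site"}
# allin* operators apply to every term that follows them.
GREEDY_OPS = {"allintext", "allintitle", "allinurl"}
TOKEN = re.compile(r'(\w+):("[^"]*"|\S*)|"[^"]*"|\S+')


def parse_dork(query):
    """Return (operator, value) pairs; plain terms get operator None."""
    parts, greedy = [], None
    for m in TOKEN.finditer(query):
        op, val = m.group(1), m.group(2)
        text = m.group(0)
        if op and op.lower() in PREFIX_OPS:
            op, val = op.lower(), val.strip('"')
            if op in GREEDY_OPS:
                greedy = op          # later bare terms belong to it
            if val:
                parts.append((op, val))
        elif text in ("|", "+", "*"):
            parts.append((text, ""))
        else:
            parts.append((greedy, text.strip('"')))
    return parts


def audit_scope(query, owned_domains):
    """Allow a self-audit query only if every site: value is an owned domain."""
    sites = [v.lower() for op, v in parse_dork(query) if op == "site"]
    if not sites:
        return False, "no site: operator, query is unscoped"
    for site in sites:
        host = site.split("/")[0].lstrip("*.").rstrip(".")
        # Suffix match on a label boundary, so notexample.com != example.com.
        if not any(host == d or host.endswith("." + d) for d in owned_domains):
            return False, host + " is outside the owned domains"
    return True, "scoped to owned domains"


if __name__ == "__main__":
    OWNED = {"example.com"}  # assumption: the organisation's own domain
    for q in ['site:example.com filetype:pdf allintitle: client area',  # constructed
              'site:notexample.com allinurl: client area',
              'allintext: hacking tools']:
        print(q, "->", audit_scope(q, OWNED))
```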
References
[1] F. Toffalini, M. Abbà, D. Carra, and D. Balzarotti, "Google dorks: Analysis, creation, and new defenses," in International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 255-275. Springer, Cham, July 2016.
[2] M. Y. Bae, H. K. Lim, and D. J. Cho, "A study on security diagnosis using automated Google hacking tools-focusing on the US government website," Journal of Advances in Information Technology, 7(2), pp. 93-97, 2016.