The Google dorks technique, also known as Google hacking, started as an abuse of Google's advanced search options, and it was later extended to other search engines that also included similar options. It searches for specific strings and parameters to get valuable information from an organization or target. Here are some examples that can be useful for a penetration tester:
- PDF documents in a specific site or domain can be searched for, like this:
site:example.com filetype:pdf
- References to email addresses of a specific domain, excluding the domain's site can be searched for:
"@example.com" -site:example.com
- Administrative sites with the word admin in the title or the URL in example.com can be searched for:
intitle:admin ...