Tobi

Google's landing page

Google Hacking Explained

Google hacking, also known as “Google dorking,” refers to the practice of using advanced search operators and specialized search queries to find specific types of information or vulnerabilities on the internet. This can be used to find information that is not intended to be publicly available, or to discover vulnerabilities in websites or systems.

Google hacking can be used for a variety of purposes, including research, security assessments, and malicious attacks. It is important to note that Google hacking can be used for both legal and illegal purposes, and it is important to use these techniques responsibly and only for lawful purposes.

Google provides a list of advanced search operators that can be used to refine search queries and find specific types of information. These operators can be combined in various ways to create specialized search queries that can help to find specific types of information or vulnerabilities.

Google hacking can be a useful tool for cybersecurity professionals and researchers, but it can also be misused by individuals with malicious intent. It is important to be aware of the potential risks and to use these techniques responsibly.

To explain this, I’ll say: just disregard the title, because we’re not hacking Google. I’m sure we all know Google, as it’s a search engine we’ve all heard of. We all use Google to search for whatever query we have, and we all tend to find answers with the help of Google. But of course, there is a whole lot more to Google than meets the eye. I’ll explain, of course. I’m actually quite good with website design, and it’s a skill I’ve picked up since I was 14, dating back to when I had a blog on blogger.com, but that’s not what I’m trying to explain. As a web developer, I do have a working understanding of SEO, which means Search Engine Optimization, and believe me, it’s a very tricky thing that entails ranking a website’s content on a search engine’s top page.
For you to get ranked properly, you have to submit your sitemap to Google, which means Google crawls your entire website, analyzes the content, and then ranks it. If in a few months you make some updates to your website content, and you archived some content out of your website or some files are not properly hidden, Google would pick that file up, but it might not appear whenever people just make a random search, like querying your address, customer care number, etc. This is where we come in as hackers, and this is where we get to fully understand Google hacking in a cybersecurity context. Google hacking from a cybersecurity point of view means doctoring our queries when performing a search on Google just to get streamlined answers from Google.

Using Google hacking, you can potentially find a wide range of information, depending on the search query you use. This could include:

- Sensitive information that is not intended to be publicly available, such as login credentials or personal information
- Vulnerabilities in websites or systems, such as SQL injection vulnerabilities or unsecured access points
- Information about specific individuals or organizations, such as contact information or employment history
- Information about specific technologies or software, such as documentation or known vulnerabilities
- Information about specific industries or topics, such as news articles or research papers

Here are 20 examples of Google hacking queries that you can use to find specific types of information or vulnerabilities on the internet:

- “inurl:login” – Finds pages with “login” in the URL
- “inurl:admin” – Finds pages with “admin” in the URL
- “intext:password” – Finds pages with the word “password” in the text
- “site:gov filetype:pdf” – Finds PDF files on government websites
- “site:edu filetype:doc” – Finds Word documents on educational websites
- “intitle:index of” – Finds directories that have “index of” in the title
- “inurl:ftp” – Finds FTP servers with the word “ftp” in the URL
- “intext:@gmail.com” – Finds pages with Gmail addresses in the text
- “intext:@yahoo.com” – Finds pages with Yahoo! addresses in the text
- “filetype:xls inurl:budget” – Finds Excel spreadsheets with “budget” in the URL
- “intext:username” – Finds pages with the word “username” in the text
- “intext:email” – Finds pages with the word “email” in the text
- “inurl:wp-content” – Finds WordPress sites with “wp-content” in the URL
- “intext:sql injection” – Finds pages with the phrase “SQL injection” in the text
- “inurl:php?id=” – Finds pages with a PHP ID parameter in the URL
- “inurl:login.php” – Finds pages with “login.php” in the URL
- “inurl:register.php” – Finds pages with “register.php” in the URL
- “intext:vulnerability” – Finds pages with the word “vulnerability” in the text
- “filetype:doc inurl:confidential” – Finds Word documents with “confidential” in the URL
- “inurl:search?q=” – Finds pages with a search query parameter in the URL

It is important to note that these queries are just examples, and you can use different combinations of advanced search operators and keywords to find specific types of information or vulnerabilities. It is also important to use these techniques responsibly and only for lawful purposes.

It might not be that straightforward because I’m explaining it in a way you might struggle to visualize. Watch the video below to understand more about how Google hacking works and see it being shown.
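A defender's use of the operators listed above, as an added example that is not part of the original post: it evaluates a handful of the listed queries against an inventory of your own site's pages to show what each one would surface. The page inventory, the example.com URLs and the simplified substring matching are assumptions made for illustration; Google's real matching is more involved.

```python
import re
from urllib.parse import urlparse

# Constructed inventory of our own site (e.g. a crawl export); every value is made up.
PAGES = [
    {"url": "https://www.example.com/", "title": "Example Corp", "text": "Welcome"},
    {"url": "https://www.example.com/admin/login.php", "title": "Sign in",
     "text": "username password"},
    {"url": "https://www.example.com/old/", "title": "Index of /old",
     "text": "Parent Directory budget-2019.xls"},
    {"url": "https://www.example.com/old/budget-2019.xls", "title": "", "text": "Q1 totals"},
    {"url": "https://www.example.com/item.php?id=7", "title": "Item 7", "text": "In stock"},
]
# Queries taken from the list in the post.
DORKS = ["inurl:admin", "inurl:login.php", "intitle:index of", "filetype:xls inurl:budget",
         "inurl:php?id=", "intext:password", "site:gov filetype:pdf"]

TOKEN = re.compile(r'(?:(\w+):)?("[^"]*"|\S+)')

def parse(dork):
    """Split a query into (operator, value) terms; bare words get operator None."""
    return [(op.lower() or None, val.strip('"').lower()) for op, val in TOKEN.findall(dork)]

def term_matches(op, val, page):
    """Simplified operator semantics: case-insensitive substring matching."""
    url, title, text = (page[k].lower() for k in ("url", "title", "text"))
    parsed = urlparse(url)
    fields = {"inurl": url, "intitle": title, "intext": text}
    if op is None:                       # bare word: may appear anywhere
        return val in url or val in title or val in text
    if op in fields:
        return val in fields[op]
    if op == "filetype":
        return parsed.path.endswith("." + val)
    if op == "site":
        host = parsed.hostname or ""
        return host == val or host.endswith("." + val)
    return False                         # unknown operator: never match

def exposed(pages, dorks):
    """Map each dork to the inventory URLs that satisfy all of its terms (AND)."""
    hits = {d: [p["url"] for p in pages if all(term_matches(o, v, p) for o, v in parse(d))]
            for d in dorks}
    return {d: urls for d, urls in hits.items() if urls}

if __name__ == "__main__":
    for dork, urls in exposed(PAGES, DORKS).items():
        print(f"{dork!r} would surface: {urls}")
```

Anything this reports for your own inventory is a candidate for access control, removal, or exclusion from indexing. Note that the unquoted “intitle:index of” applies the operator only to “index”; “of” is treated as a separate bare word.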


Information gathering in cybersecurity

INFORMATION GATHERING IN CYBERSECURITY

In the context of cybersecurity, information gathering refers to the process of collecting and analyzing data about a target system or network in order to identify potential vulnerabilities or threats. Information gathering can be an important part of a variety of cybersecurity activities, including vulnerability assessment, penetration testing, and incident response.

There are several different techniques that can be used for information gathering in cybersecurity, including:

- Network scanning: This involves using tools like Nmap to scan the target network for open ports and services. This can help identify potential targets and gather information about the network architecture and configuration.
- Social engineering: This involves using psychological manipulation or deception to trick people into revealing sensitive information or granting access to restricted areas. Social engineering can be effective in gathering information that is not readily available through other means.
- Web application analysis: This involves analyzing the structure and functionality of a target web application to identify potential vulnerabilities. Tools like BurpSuite can be used to intercept and analyze traffic between the web application and the user’s browser.
- Public records searches: This involves searching public databases and records for information about the target organization or individuals. This can include things like company registration records, property records, and social media profiles.
- Physical reconnaissance: This involves physically visiting the target location and gathering information about the layout and security measures in place. This can include things like observing security protocols, taking pictures, or collecting discarded materials that might contain sensitive information.

Consider a scenario where you are trying to break into a house, as a thief maybe. Of course, you’re not a thief.
But imagine you’re a thief trying to perform reconnaissance or gather information on a house you’re planning to break into; what do you think you’ll be on the lookout for? How about popping answers in the comments. Moving forward, you’ll probably want to see if they’ve got a wooden window or if it’s made from glass, if their window is always open or if they leave their door open at all times, if there is a CCTV mounted, the type of locks they use, etc. I have a limited idea on this because I haven’t broken into a house before.

Back to cyber, the more information you’re able to gather, the more chance you have of having a good result in the end, and thus, information gathering should be mastered. It should also be noted that information gathering is necessary because the information gathered on a victim can be used when guessing passwords, among other attacks. To get started with information gathering, we need to identify our target, and knowing our target would also help us in deciding whether we should go for active or passive reconnaissance. I’ll explain both, of course.

Passive reconnaissance can best be explained as when you try to gather information on an asset without interacting with the said asset. This simply means you’re doing information gathering, but the asset or target doesn’t know you are gathering information. This can be done via Google hacking or Shodan, using Open Source Intelligence (OSINT).

Active reconnaissance, on the other hand, can be seen as gathering information on an asset or target whilst still interacting with the said target. This could be trying to find open ports with the aid of Nmap, or finding vulnerabilities using Nessus or Nikto.

It’s important to note that information gathering should be conducted ethically and within the bounds of the law. In the context of cybersecurity, this means obtaining consent from the target and respecting any privacy or security measures in place.

Overall, information gathering is a critical part of effective cybersecurity, as it allows security professionals to gather the information they need to identify and mitigate potential threats to the target system.

I know I’ve mentioned a lot of tools, but do not feel overwhelmed. You will definitely get the hang of all these tools. That being said, it’s pretty much decent to conclude on what information gathering does entail, and this is just the basics. Every tool and method mentioned will be explained fully in upcoming posts, and there will be videos guiding you on how to get started with all these tools. Finally, be on the lookout for our next post, “Identifying our targets”, because there is no reconnaissance without a target. I do hope you find this post simple to understand. Do not forget to subscribe to our newsletter so you can get notified when there’s a new post.
