OSINT Applications for Google Dorks

There was a long fought battle for king of search.  Google won.  It’s undisputed.  There’s Yahoo, Bing, and an assortment of others, but Google won.  It’s not even close.  When searching for terms using other search engines, my results are either garbage or outdated.  This post is about the coveted art of Google Dorking.  Sounds like a stupid name, but I literally am not even slightly surprised considering the nature of Google and all of its products.  Officially known as Google Hacking (wikipedia), there’s a series of search operators you can use to find very specific information on Google, significantly narrowing down your search criteria while conducting OSINT.  When I was in school, I learned about basic advanced search options such as using quotations to get exact phrases and using Boolean operators to narrow or broaden my search, but Google Dorks is something much different.  You can easily find this list of Google Dorks on Wikipedia, but the value I will try to add here is how to use them, when to use them, and give a few examples.  I’ll try not to take up too much of your time and get straight to the point. I’m a big fan of a Pareto Principle (80/20), so I’m going to purposely omit some of the dorks that aren’t very helpful (imo).

intitle

intitle is a Google Dork that will search for a phrase or keyword located in the title of a web page.

Example – You’ve just learned there’s been a major hack from a large corporate, let’s say Walmart, and you want to find out more information and check sources for accuracy.  You would search in google intitle:”Walmart hack”.  This would return results that have the word Walmart and hack in it.

Bonus – You can use quotations and Boolean operators with your search.  Try using intitle:”Walmart hack” OR “Walmart hacked” (swap corporation with your favorite one or one you shop at).

inurl

inurl will search within the URL of a web page for a certain keyword or phrase.  Same as with intitle, you can use quotations or Boolean operators to expand or contract your search results.  A part of search engine optimization is including relevant keywords to your title in the URL or slug of your web page.  Knowing this, you may find certain keywords in the URL that aren’t in the title of the web page itself.  Very useful.

Example – Let’s say Kanye West completely loses his mind and runs for president in 2020.  You want to find as much information as you can on him (beware).  You search inurl:”Kanye West”.  The results give you all web pages with Kanye and West in the URL of each web page.  Try comparing the results from inurl:”Kanye West” to intitle:”Kanye West”.  Completely different.

Bonus – You can combine Google Dorks together!  Try searching intitle:”Kanye West” inurl:”Kanye West”.  You’ll get more specific results.  Throw in some Boolean Operators and you’ve officially enslaved Google to do your precise bidding.

filetype

filetype is one of my personal favorites.  This has applications beyond just OSINT, including finding literally any answer to any test in college.  filetype will allow you to search for specific types of files.  This is very useful when combined with other Google Dorks such as intext (which is coming up next!).

Example – You want to pull all reports about Bitcoin and Ethereum that are in PDF format.  You want to save all of these reports for future reference and sharing.  Using Google Dorks you simply search: Bitcoin OR Ethereum filetype:pdf.  Presto, your results now only show PDFs containing the words Bitcoin or Etherum.

Bonus – You can combine filetype with intitle to get very specific results.  Try searching: intitle:”bitcoin scam” filetype:pdf.

intext

intext is a very useful tool for searching content within a web page without having to open it and read it yourself.  Let’s say you are tasked with researching all articles that mention a particular persons name.  Instead of Googling like a primitive and clicking on each article, hitting ctrl+F and typing in the persons’ name.  Simply use the intext Google Dork for faster results.

Example – You are tasked to find recent articles mentioning the American businessman and investor Mark Cuban.  You search for intext:”Mark Cuban” and all the results that have Mark Cuban in the content of the web page will appear.  This is very broad and your results won’t be that useful.  Try combining search phrases together using Boolean Operators.  Search: intext:”Mark Cuban” AND “investments”.  You’ll now know all web pages that talk about Mark Cuban and his investments.

Bonus – Try using other Google Dorks to find harder to find information.  Search: intitle:Bitcoin intext:”Mark Cuban” AND “invest” filetype:pdf.  You’ll now get PDF reports that talk about Mark Cuban and investing in Bitcoin.

site

site is a Google Dork that allows you to search within a specific web site for information.  Instead of getting search results from ALL web pages, you’ll only get them from one domain.

Example – You are doing some research on terrorism and want to gather some information from a credible source (sort of). You decide you want to search Stratfor to see what they have to say about terrorism.  Search this: site:stratfor.com terrorism.  You’ll get all results for the keyword terrorism within stratfor.com.  Try this for any other website you read news from.

Bonus – Combine the Google Dork site with others.  Try searching for site:stratfor.com intext:terrorism filetype:pdf.  The results will be very specific containing only what you want to find.

If you’d like a more deep dive on Google Dorking, check out this long article done by Moz!

Enjoy!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s