How to Use Google hacking Debatase On Windows and Linux, Google hacking database There have been many books written on Google hacking, that speaking of the details and tricks involved would quickly divert the focus of this book.
Exploit-DB at exploit-db.com has taken over and updated Mr. Long's Google Dorks database. This is now the official GHDB site. You should use these tools in tandem with good filters to ensure that you get only the data you need. Here are some examples of how this can be done. Go to http://exploit-db.com/google-dorks and choose a query. Here is a random entry:
inurl:ftp "password" filetype:xls Enter it into Google.com with the following modifications. Add the site: option followed by a domain name that is part of your rules of engagement:
site:example.com inurl:ftp "password" filetype:xls In the case of this example, if there are any results found, you have located a MS Excel file that contains some form of "password". Mind that results will vary and the best Google search queries are usually focused on determining the versions of installed software, seeking out known vulnerable installations that will later be targeted if allowed by the rules of engagement.
You should also be performing focused searches that locate all major document types such as .pdf, .doc, .txt, .xls, and more. However, there are some additional tools that will help us with this.