LAB 01
Advanced search operator ka use karke sensitive information nikalna.
Ghabrana nahi hai! In commands ko samajhna asan hai. Ye sirf Google ko "Filter" karne ke tarike hain.
| Command | Kyu Use Karein? (Purpose) |
|---|---|
| intitle:"index of" | Open directories dhundne ke liye (Files list). |
| filetype:pdf | Sirf PDF files search karne ke liye. |
| site:example.com | Search ko sirf ek website tak limit karne ke liye. |
| inurl:admin | Un URLs ke liye jisme 'admin' word ho. |
| intext:"password" | Page ke content mein 'password' word dhundna. |
| cache:example.com | Website ka purana (cached) version dekhna. |
| related:target.com | Target se milti-julti websites dhundna. |
| ext:log | Log files (.log) dhundne ke liye. |
| intitle:"login" | Login pages search karne ke liye. |
| "confidential" filetype:doc | Confidential documents dhundna. |
| allinurl:auth login | Multiple words URL mein dhundna. |
| site:*.gov | Sirf government domains search karna. |
| inurl:wp-content | WordPress based websites target karna. |
| intitle:"webcamXP 5" | Vulnerable webcams dhundna (Educational). |
| filetype:sql "INSERT INTO" | Database backups dhundne ke liye. |
| intext:"sql syntax error" | Vulnerable SQL sites dhundna. |
| "internal use only" | Private documents search karna. |
| intitle:"Index of" config.php | Configuration files dhundna. |
| inurl:phpinfo() | Server information pages check karna. |
| allintext:username password | Text mein dono words dhundna. |
| filetype:env | Sensitive environment files dhundna. |
| inurl:ftp | Open FTP servers search karna. |
| site:pastebin.com "target" | Leaks dhundna Pastebin par. |
| ext:xls "email" | Email lists dhundne ke liye. |
| intitle:"Dashboard" site:com | Admin dashboards dhundna. |
| inurl:/etc/passwd | Linux sensitive files (Agar exposed ho). |
| filetype:bkp | Backup files dhundna. |
| "API_KEY" ext:json | Exposed API keys dhundna. |
| inurl:cgi-bin | Old scripts dhundna. |
| site:github.com "password" | GitHub leaks check karna. |
Sabse pehle decide karein ki aapko kya dhundna hai. Example: Humein Example.com website ke exposed PDF documents chahiye.
Apna dork taiyar karein. Hum combining techniques use karenge:
Ise Google search bar mein paste karein aur Enter dabayein.
Results ko dhyan se dekhein. Kya koi document "Confidential" ya "Internal" mark hai? Agar haan, toh wo ek potential security leak hai.
Google Dorking legal hai jab tak aap public information dekh rahe hain. Lekin kisi ke private data ka galat use karna illegal hai. Hamesha White Hat bane rahein.