Differences

This shows you the differences between two versions of the page.

--- google_dork_monitoring [2023/01/27 17:08]
kaduuwikiadmin created
+++ google_dork_monitoring [2023/05/22 20:40] (current)
@@ Line 2: / Line 2: @@
 ===== Introduction =====
+Google hacking, also known as Google dorking, is the practice of using advanced operators in the Google search engine to find security vulnerabilities in websites. These operators can be used to search for specific file types, sensitive information, and other vulnerability-related information. It is often used by security researchers and hackers to find vulnerabilities in websites and networks. There are google Dork lists like https://www.exploit-db.com/google-hacking-database which can be used in combination with your domain. If any result appears in Kaduu, it means that there is a possible security vulnerability or data exposure in one of the webservices of your organisation.
+===== What vulnerabilities can be exposed using google hacking? =====
+Google hacking can be used to expose a variety of vulnerabilities in websites, including:
+  * Sensitive information: Google hacking can be used to search for sensitive information such as credit card numbers, social security numbers, and login credentials that may have been accidentally exposed on a website.
+  * Vulnerable files and directories: Advanced operators can be used to search for specific file types, such as .php or .asp, that may indicate a vulnerability in a website's code.
+  * Misconfigured servers: Google hacking can be used to search for servers that have been misconfigured, such as those that have directory listing enabled, which can reveal sensitive information about the server and its contents.
+  * Backdoors: Google hacking can be used to search for backdoors, which are small programs that can be used to gain unauthorized access to a system.
+  * Open ports: Google hacking can be used to search for open ports on a network, which can indicate a vulnerability that can be exploited by attackers.
+  * Exposed databases: Google hacking can also be used to search for exposed databases, which can contain sensitive information such as customer data, financial information, etc
+===== How to use Google Dork Monitoring? =====
+Please enter you domain like "example.com" and not "www.example.com" to not limit the results to a specific server. The domain you enter will be queried once per day using a Google API call. If there are any results, you can see them by clicking on "view". You will see all the alerts that have been triggered using your keyword. The query type will reveal what keyword has triggered the alert:
+{{::google1.png?800|}}

My DokuWiki

User Tools

Site Tools

Differences

Page Tools