As well as Social Engineering, the Google search engine can also be used to find out a lot of interesting information about people, organisations and websites, and can be used to gather confidential or sensitive information which are not always visible directly. The Google Search Engine has the ability to accept specially formatted commands as inputs, which then produces specific and interesting results. This is process is generally referred to as "Google Hacking". As direct hacking of others' websites is illegal, we won't be doing that, but instead, we will be using Google as an indirect tool.
Unfortunately, on the downside, however, some advertisers are also now aware of the popularity of "Google Hacking" and have now targeted their adverts to respond directly to some of the "Google Hacking" searches. It is up to you to differentiate between what are genuine results and what are just advertising efforts specially created to target "Google Hackers".
This workshop can be carried out on any computing device with a web browser and internet connection.
Googleâ€™s Advanced Search Query Syntax
The â€œsite:â€ syntax restricts Google to query for certain keywords in a particular site or domains. Open a web browser and go to http://google.com. Enter the following in the search box:
This will look for the keyword â€œexploitsâ€ in those pages present in all the links of the domain â€œhackingspirits.comâ€. There should not be any space between â€œsite:â€ and the â€œdomain nameâ€.
Question: How many pages in hackingspirits.com contain the word exploits?
[Your answer here]Â marks
The "site:" operator also work across multiple websites if they share the same domain suffix. For example, searching for :
Â Â Â "IT Security" site:ac.uk
on Google will search for all UK universities' websites for the exact words "IT Security".
Question: Roughly how many pages does Google report as having the exact words "IT Security" in all of the "ac.uk" websites:
This â€œfiletype:â€ syntax forces Google to only search for files on internet with particular extensions (i.e. doc, pdf or ppt, etc). Searching for:
filetype:docÂ site:gov.ukÂ confidential
will look for files with â€œ.docâ€ extension in all government domains with â€œ.gov.ukâ€ extension and containing the word â€œconfidentialâ€ either in the pages or in the â€œ.docâ€ file. i.e. the result will contain the links to all confidential word document files on all the government's websites.
Question: Approximately, how many Word files containing the word "confidential" can Google find on UK government websites?
Question: What is the search expression that you will need to enter into Google if you want to search for all Excel spreadsheets (xls) containing the word "confidential" across all "co.uk" websites?
Other samples, services and questions:
When you use PaperHelp, you save one valuable — TIME
You can spend it for more important things than paper writing.