Google dorking, otherwise called Google hacking, can bring data back
that is hard to situate through basic search queries. Using this
technique, information not intended for public access can be discovered.
Google and Bing Search Operators
| Operator | Description |
| “Search Term” | Search for the exact phrase within ” “ |
| – | Remove pages that mention a given term from the search results |
| + | Force Google to return common words that might ordinarily be discarded |
| OR | Search for a given search term OR another term |
| site: | Search within a given domain |
| filetype: | Search for a certain file type |
| intitle: | Search for sites with the given word(s) in the page title |
| inurl: | Search for sites with the given word(s) in the URL |
| intext: | Search for sites with the given word(s) in the text of the page |
| inanchor: | Search for sites that have the given word(s) in links pointing to them |
| cache: | Show most recent cache of a webpage |
| IP: | Bing only: Finds results based on a given IP address |
| linkfromdomain: | Bing only: Search for links on the given domain |
Yandex
Yandex operates the largest search engine in Russia with about 65%
market shares.
Yandex Search Operators
| Example | Description |
| “I * music” | Find all results with any word where the asterisk (*) is located |
| Cheshire cat | hatter | Alice | Search for any word in query. This query works for Google as well |
| croquet +flamingo | This query would mandate that the page has the word flamingo, but not croquet |
| rhost:org.wikipedia.* | Reverse host search |
| mime:pdf | Search for specific file type |
| !Curiouser !and !curiouser | Search for multiple identical words |
| Twinkle twinkle little -star | Exclude “star” from search results |
| lang:en | Narrow search by language |
| date:200712*, date:20071215..20080101, date:>20091231 | Narrow search by date or date range |
Shodan
Shodan is a search engine for finding Internet-connected devices and
device types. It allows searching for webcams, routers, IoT/SCADA
devices, and more.
Shodan Filters
| Filter | Description |
| city: | Search for results in a given city |
| country: | Search for results in a given country (2-letter code) |
| port: | Search for a specific port or ports |
| net: | Search a given IP or subnet (e.g.: 192.168.1.0/24) |
| product: | Search for the name of the software identified in the banner |
| version: | Search for the version of the product |
| os: | Search for a specific operating system name |
| title: | Search in the content scraped from the HTML tag |
| html: | Search in the full HTML contents of the returned page |
| hostname: | Search for values that match the hostname |
