Google Search Engine is designed to crawl anything over the internet and this helps us to find images, text, videos, news and plethora of information sources. With its tremendous capability to crawl, it indexes data along the way, which also includes sensitive information like email addresses, login credentials, sensitive files, website vulnerabilities, and even financial information. In many cases,
We as a user won’t be even aware of it.
Google Dork is a search query that we give to Google to look for more granular information and retrieve relevant information quickly. For example, try to search for your name and verify results with a search query [inurl:your-name]. Analyse the difference. You just have told google to go for a deeper search and it did that beautifully.
Now, Intruders narrow down the search to a specific website and check for specific text/keywords with the aim to access sensitive information. And that’s unethical hacking. Search string which could be used for general purposes is now exploited as well.
Google search service is never intended to gain unauthorised access of data but nothing can be done if we ourselves kept data in the open and do not follow proper security mechanisms.
Essentially emails, username, passwords, financial data and etc. shouldn’t be available in public until and unless it’s meant to be.
To continue reading, head over to Box Piper source.
To read more such interesting topics, follow and read BoxPiper blog.
Support my work and buy me a Coffee. It'll mean the world to me. 😇