Google dorks in recognition phase

 

Google is often used by hackers to search for various sensitive informations. This same technique is used along with other tools by IT security professionals to gather preliminary data or information about a target (a customer), in order to prepare a penetration test. The use of certain keywords that enter in association with your search will give surprising results in some cases. Avoid certain searches as they could get you into a lot of trouble, always check the legality of your actions. This tutorial is only intended to be used for personal research and especially as one of the different tools in phase 1 of an intrusion test, either through the different sites that offer to train you legally, or within the framework of an intrusion test that you will have previously validated by a contract with your client. It is obvious that in the case of a penetration test for a client, all the information and techniques that you have used must be included in the final report to inform your client, who will take the necessary measures to prevent malicious people from finding this information in the future, who can in some cases be very sensitive. Here is a small list of some of these keywords called «Google dorks»

 

inurl is used to search for any text inside a url.

intext is used to search for any text within the body or source code of the website.

filetype is used to search for any type of file you want to locate within a website or on a particular topic. You can search for any type of file.

intitle is used to search for web page titles.

site is used to narrow the search area to a particular website.

link is used to check other websites containing links to a website.

 

Here are some examples of the use of these google dorks. Not to be too long I would not put more, but you can of course do a search on Google to have more information and examples when using this search technique, or directly click on the following link: http://www.googleguide.com/advanced_operators_reference.html

 

An example to find the keyword « cybersecurity » in the title of a website would be to enter the following dork in the search bar:

  • intitle:cybersecurity

Another example with the same dork but a little more complex will allow you to access all sites where there is index.of in the title:

  • intitle:index.of

Another example with the same query but even more perfidious this time to find sites with a specific type of server which would norlamly be Apache version 2.0

  • « Apache/2.0 Server at » intitle:index.of
  •  intitle:index.of “Apache” “server at”

Thats is for this simple and short tutorial. Use it wisely and in legality.

 

 

0

Aidez la recherche grâce au calcul distribué avec BOINC

BOINC (Berkeley Open Infrastructure for Network Computing) est une plateforme logicielle de calcul distribué gratuite, open-source et multiplateformes (Windows, Mac, Linux et Android). Elle vous permettra de participer activement a la rechercher scientifique dans différents domaines telle que (liste non exhaustive): les sciences physiques, les mathématiques, mais aussi la biologie et la médecine. Les applications sont diverses et variées et chacun pourra faire son choix en faisant un tour sur le wiki des projets BOINC https://fr.wikipedia.org/wiki/Liste_des_projets_BOINC .  J’utilise personnellement BOINC depuis de nombreuses années en participant a divers projets concernant la recherche médicale, par exemple pour le recherche contre le cancer. c’est en voyant dans les réseaux sociaux diverses publications de type chaine de lettres que j’ai décidé de rédiger cet article.

Voici le projet qui me tiens a cœur et auquel  je participes personnellement. Projet Rosetta@home https://fr.wikipedia.org/wiki/Rosetta@home qui  outre la recherche dans le calcul de méthodes fondamentales, est directement liée à la recherche contre certaines maladies dont la malaria, la maladie du charbon, le HIV, la maladie d’Alzheimer, différents cancer, ainsi que divers virus.

 

Voila j’espère vous avoir sensibilisé un peu a d’autres activités qui sont possible de faire avec votre ordinateur, tablettes  et smartphone ! Vous pouvez tous aider la recherche et ce gratuitement, juste en partageant un peu de temps et de puissance de calcul avec BOINC.