Connect with us

Programming

Google Dorking And How Are Hackers Using This Technique Against You

Published

on

Google is the encyclopedia of the internet that carries the answer to all your questions and curiosity. After all, it is just a web index to find images, articles, and videos, right?

Well, if you think so, you are turning a blind eye to the untapped potential of the behemoth search engine’s crawling capabilities. This side of Google is lesser-known to the average user but propelled effectively by bad actors to hijack websites and steal sensitive data from companies. Here, we’ll address how security professionals and hackers use Google as an effective reconnaissance tool to access sensitive data, hijack websites, and more.

What is Google Dorking?

Google dorking or Google hacking is the technique of feeding advanced search queries into the Google search engine to hunt for sensitive data such as username, password, log files, etc., of websites that Google is indexing due to site misconfiguration. This data is publicly visible and, in some cases, downloadable.

A regular Google search involves a seed keyword, sentence, or question. But, in Google dorking, an attacker uses special operators to enhance search and dictate the web crawler to snipe for very specific files or directories on the internet. In most cases, they are log files or website misconfigurations.

Banner 3

How Hackers Use Google Dorking to Hack Websites

Google dorking involves using special parameters and search operators called “dorks” to narrow down search results and hunt for exposed sensitive data and security loopholes in websites.

The parameters and operators direct the crawler to look for specific file types in any specified URL. The search results of the query include but are not limited to:

  • Open FTP servers.
  • A company’s internal documents.
  • Accessible IP cameras.
  • Government documents.
  • Server log files containing passwords and other sensitive data can be leveraged to infiltrate or disrupt an organization.

Most-Used Google Dorking Operators

Although there are tons of operators and parameters that one can apply to a search query, it only takes a handful of them to serve the needs of a security professional. Here are a few commonly used queries:

  • inurl: Dictates the crawler to search for URLs that contain a specified keyword.
  • allintext: This parameter searches for user-specified text in a webpage.
  • filetype: This parameter tells the crawler to look for and display a specific file type.
  • intitle: Scrapes for sites containing specified keywords in the title.
  • site: Lists all the indexed URLs for the specified site.
  • cache: When paired with the site parameter, this one displays the cached or older version of a website.
  • Pipe operator (|): This logical operator will list results that contain either of two specified search terms.
  • Wildcard operator (*): This is a wildcard operator that searches for pages that contain anything connected to your search term.
  • Subtract operator (-): This eliminates unwanted results from your search.

Is Google Dorking Illegal?

While it may seem intimidating, Google dorking will not land you behind bars, given you are only using it to refine your search results and not infiltrate an organization.

It is a necessary evil and, in fact, an encouraged practice amongst power users. Keep in mind that Google is tracking your searches all the time, so if you access sensitive data or search with malicious intent, Google will flag you as a threat actor.

In case you are carrying out a pen test or hunting for bug bounty, ensure that you are fully authorized and backed by the organization. Otherwise, if you get caught, things can take a turn for the worst, and one can even slap you with a lawsuit.

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Featured

What Is Cognitive Computing?

Published

on

Cognitive computing is the use of computerized models to simulate the human thought process in complex situations where the answers may be ambiguous and uncertain. The phrase is closely associated with IBM’s cognitive computer system, Watson.

Computers are faster than humans at processing and calculating, but they have yet to master some tasks, such as understanding natural language and recognizing objects in an image. Cognitive computing is an attempt to have computers mimic the way a human brain works.

To accomplish this, cognitive computing makes use of artificial intelligence (AI) and other underlying technologies, including the following:

  • Expert systems
  • Neural networks
  • Machine learning
  • Deep learning
  • Natural language processing (NLP)
  • Speech recognition
  • Object recognition
  • Robotics

Cognitive computing uses these processes in conjunction with self-learning algorithms, data analysis, and pattern recognition to teach computing systems. The learning technology can be used for speech recognition, sentiment analysis, risk assessments, face detection, and more. In addition, it is particularly useful in fields such as healthcare, banking, finance, and retail.

How Does Cognitive Computing Work?

Banner 3

Systems used in the cognitive sciences combine data from various sources while weighing context and conflicting evidence to suggest the best possible answers. To achieve this, cognitive systems include self-learning technologies that use data mining, pattern recognition, and NLP to mimic human intelligence.

Using computer systems to solve the types of problems that humans are typically tasked with requires vast amounts of structured and unstructured data fed to machine learning algorithms. Over time, cognitive systems are able to refine the way they identify patterns and the way they process data. They become capable of anticipating new problems and modeling possible solutions.

For example, by storing thousands of pictures of dogs in a database, an AI system can be taught how to identify pictures of dogs. The more data a system is exposed to, the more it is able to learn and the more accurate it becomes over time.

To achieve those capabilities, cognitive computing systems must have the following attributes:

  • Adaptive. These systems must be flexible enough to learn as information changes and as goals evolve. They must digest dynamic data in real time and adjust as the data and environment change.
  • Interactive. Human-computer interaction is a critical component of cognitive systems. Users must be able to interact with cognitive machines and define their needs as those needs change. The technologies must also be able to interact with other processors, devices, and cloud platforms.
  • Iterative and stateful. Cognitive computing technologies can ask questions and pull in additional data to identify or clarify a problem. They must be stateful in that they keep information about similar situations that have previously occurred.
  • Contextual. Understanding context is critical in thought processes. Cognitive systems must understand, identify and mine contextual data, such as syntax, time, location, domain, requirements, and a user’s profile, tasks, and goals. The systems may draw on multiple sources of information, including structured and unstructured data and visual, auditory, and sensor data.

Examples and applications of cognitive computing

Cognitive computing systems are typically used to accomplish tasks that require the parsing of large amounts of data. For example, in computer science, cognitive computing aids in big data analytics, identifying trends and patterns, understanding human language, and interacting with customers.

Continue Reading

Featured

Four Key Tips for Beginners Learning JavaScript

Published

on

If you have ever been interested in Web Development then chances are you have heard of JavaScript. JavaScript is an object-oriented programming language. It is used by developers to make the client-side (front end) of web pages dynamic and interactive. 

It is also used alongside HTML and CSS to make websites and web applications. The market for application development in 2022 is huge. Freelancing as a developer or pursuing a full-time job are lucrative options for anyone dedicated and determined to learn programming skills.

While learning to program can seem like a daunting task, it is not impossible. There are many resources online that can be used to learn to program. Paid options are the best in the end, but that does not mean free resources are bad. Let’s take a look at some tips for beginners in JavaScript to improve their command of the language.

  1. Comment a Lot

Using comments is important when learning any programming language. Comments help make your code more readable and understandable.

In the beginning, you will frequently forget what certain syntax means or what a particular line you wrote does in your code. To save yourself some headaches, write comments about any line that you feel you might forget for later reference. In fact, in the beginning, you should be commenting more than actually writing code.

Banner 3

With time, your grasp of the language will increase and your need to comment on your code will decrease. Eventually, your code will have very few comments or not at all.

  1. Do Programming Exercises

Even if you learn to code in JavaScript, you will not be able to understand how to apply it without sufficient practice. To get the practice you need, do additional coding exercises. There are a ton of free resources when it comes to practice exercises. A simple Google search will direct you to a long list of them. Make sure to start with exercises within your skill level, then advance upwards as you gain proficiency.

One common exercise is to learn how to convert XML to JSON. JavaScript libraries frequently use JSON files. Learning how to convert XML to JSON and vice versa is a good idea because you will be working with both a lot using JavaScript.

  1. Leverage Multiple Resources

There are many resources available online that can be used to learn JavaScript. YouTube has a variety of video tutorials explaining the obscure and obvious features of using JavaScript.

Similarly, many forums exist solely for JavaScript programmers and their programming problems. Let’s face it, you will run into problems, and you can use these resources to resolve issues you run into. There are also groups and communities that can provide expert and amateur advice on programming problems. JavaScript is a popular language, so it is easy to find communities specifically for JavaScript and solutions to most problems.

  1. Always Make Documentation for Your Projects

You will be making a few practice projects when learning JavaScript. No matter how small or insignificant a project seems, make some documentation about it.

Documentation can include a ‘How to’ that tells how to run the project. You can also include ‘Read Me’ files to tell you what the project does.

The point is to make documentation of all your projects. In the beginning, you will be making really simple documentation that only gives basic information. Later on, you will be adding more and more details.

Documentation will improve your understanding of what you have done. Beginners often follow tutorials and just code along with them. Unfortunately, such practices usually end up with beginners forgetting what they’ve done and not being able to understand their code.

Continue Reading

Business

Four Ways AI Can Improve Your Next Meeting

Published

on

It may not be noticeable to most, but AI is now rooted in many aspects of our lives. From voice assistants to the cars we drive, to social media and shopping – AI is integrated into a multitude of everyday processes.

It should be of little surprise that AI is also becoming heavily embedded in our businesses. And while some people feel uncomfortable about this intersection of human and machine, it truly offers an abundance of transformative opportunities.

Here are four reasons why AI will continue to be important today and in the future:

  1. Automated note-taking allows brainstorms to go full speed

The days of being the meeting scribe and not absorbing what’s been said around you are over. Automated note-taking and accurate meeting transcripts are one of the simplest ways AI can help free up meeting attendees to focus on the discussion taking place.

Using this software means that transcripts can be searched for important keywords and ideas, allowing participants to fully absorb details after the meeting has concluded. Giving everyone at the meeting the ability to participate without the burden of constant note-taking fosters a lively and uninhibited discussion, encouraging a seamless flow of ideas.

Banner 3
  1. AI-powered action items, agenda updates, and deadline management

AI technology is founded on rules-based responses to decisions, meaning it can be taught to recognize keywords. Organizers can plug in important words such as “follow up” or “action item” and the AI can recognize them and react for easier sharing and review after a meeting.

In addition, AI can help to record deadlines and, if programmed to do so, could send out reminders as deadlines approach. With something like Natural Language Processing (NLP) embedded, AI can also know which parts of the meeting are most important, based on vocal tones, and can automatically record and share those parts with attendees, ensuring that none of the actions are forgotten.

  1. Automated capture of nonverbal cues

We all know those golden moments during a meeting where ideas are born and everyone reacts in a positive way – but they can be hard to identify, particularly if you’re engaging with remote workers on the phone or via video conference.

Wouldn’t it be great if AI was able to more easily recognize and record those moments, because they are generally identified by nonverbal cues such as facial expressions, nods, laughter, or peaks in the audio when everyone has that aha moment? A human note-taker may not be able to accurately capture this, but AI may be able to.

  1. Improved overall efficiency prevents meetings from dragging on

Everyone has experienced a meeting that seems to drag on endlessly, or watched co-workers talk in circles. This can happen when people are not paying attention because they’re scribbling on notepads and typing on laptops, bringing up topics that were already discussed. This is what turns meetings into chores instead of the energizing moments of team collaboration they are meant to be.

When AI removes the more mundane aspects of a meeting like scheduling or taking attendance, attendees can move through administrative tasks and housekeeping items rapidly, knowing the AI will have it all recorded for later reference, and move into free-flowing exchanges of ideas.

And for those routine meetings that occur frequently and don’t always entail a major brainstorming, AI also facilitates effective and concise meetings, so everyone can get into the meeting quickly, be productive with the time set out, and then get back into more inspiring work.

Continue Reading
Advertisement

Facebook

Trending