Using dork script to query Google

The first step for testers to understand Google Hacking Database is to understand all the advanced Google operators, just as the machine-level programming engineers must understand computer OP codes. These Google operators are part of the Google query; the syntax of searching is as follows:

Operator:itemthatyouwanttosearch

There is no space between the operation, the colon, and itemsthatyouwanttosearch. The following table lists all the advanced Google operators:

The following screenshot provides a simple Google dork to search for username in a log file.

The dork search is allintext:username filetype:log:

For more specific operators, we can refer to the guide from Google at http://www.googleguide.com/advanced_operators_reference.html, and well-known exploited Google dorks are available at https://www.exploit-db.com/google-hacking-database/.