If you are a competent internet user, chances are you’ve done something called “Google Dorking.”
And now the Feds have issued a warning to U.S. businesses to be on the lookout for Google Dorking activity as a sign of hackers.
Google Dorking means using Google’s advanced search techniques to dig up information on the web that doesn’t easily pop up during a normal search.
Our favourite is a feature called “site,” which lets you search a single website for a keyword or photos. (Here’s a tutorial on how to use that.) Google also has special search commands called “filetype” and “datarange.”
The kind of Google Dorking the feds are worried about goes further, though. It’s when malicious hackers use these advanced techniques looking for stuff that companies didn’t mean to put online.
The Infosec Institute, an organisation that trains people to be computer security pros, shows how using Google can easily turn up things like username and passwords, sensitive documents, even bank account details.
Internet watchdog site Exploit Database uncovered the warning from the U.S. government issued last month. The feds want companies to test their websites to make sure they can’t be dorked, advising people to use a tool called The Diggity Project and/or a website called the Google Hacking Database. These keep a list of premade dorking queries you can run on your own website to see what turns up.
NOW WATCH: Tech Insider videos
Business Insider Emails & Alerts
Site highlights each day to your inbox.