Google Dorking (Google Hacking) – A Form of Passive Recon

Title: Google Dorking
By: Christy Long Kushner
Year: 2018

Google Dorking Overview

Google Dorking (Google Hacking) is a form of passive reconnaissance allowing you the White Hat tester to use search strings, operators, Boolean, regular expression (Reg-Ex) to search files, websites to find information that is not readily available with a generic Google search.

Disclaimer

• The content in these presentations are of my own and do not reflect the opinions of my employer.
• All information and demonstrations available in this Presentation are for educational purposes only. Use these at your own discretion, the creator cannot be held responsible for any damages caused. The views expressed on this site are our own and do not necessarily reflect those of our employers.
• Usage of all tools on this site for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. I assume no liability and am not responsible for any misuse or damage caused by this information

Permission

Christy received permission from Cartek Consulting before creating the content of these presentations.

Google Dorking 101 – The Basics

Google Dorking 102 – Using the Skill

About the Author

Christy Long Kushner is a Certified Information Systems Security Professional (CISSP) and instructs as a consultant through Cyber Synergy Consulting Group. Christy specializes in such areas as risk management, regulatory compliance, security solutions architecture, training, testing and investigating cyber incidences. In the 2019 year, she will serve as the Vice President of the Raleigh Chapter of the Information Systems Security Association and is currently the membership director. She also is the CFO of a simulation and video game design company. Before changing careers, she was an Air Ambulance Medic in the United States Army where she performed critical care treatments to patients. Currently, she helps promote awareness of information security threats in an ever-changing global IT Security economy.