Google Dorks: Find Public Sensitive Information

00:00

in this video I would like to show you

00:01

one of the most essential skills that

00:03

you have to get as an ENT investigator

00:06

which is using search engines

00:08

efficiently now I have an ENT master

00:11

class on how can you find someone's

00:13

personal email address and personal

00:14

phone number and also using leak

00:17

databases to escalate and leverage your

00:20

ENT investigation if you're are

00:22

interested in taking this course you can

00:24

subscribe to the newsletter you'll get

00:26

25% discount plus the cyber aome toolk

00:30

plus to many ethical hacking courses on

00:32

how you can hack your own wireless

00:34

access point and how can you unlock

00:36

vulnerable cars using radio frequency

00:39

attack so let's get started hello and

00:42

welcome to this video my name is sad

00:44

from cyber sudu don't forget to like And

00:46

subscribe not many of you watch the

00:49

video and subscribe so make sure to

00:50

subscribe to the channel and follow me

00:52

on social media for more aent and

00:55

hacking content now I'll be posting aent

00:57

tips on my Instagram and on my LinkedIn

01:00

account so make sure to follow me there

01:02

so what we are going to do in this video

01:03

is how can you use Google dorks to

01:06

narrow down our search results so if you

01:09

have the person name and you just type

01:11

it in Google you get maybe millions of

01:14

sear results but if you have some other

01:17

information that could be related to

01:19

this person then you can narrow down the

01:21

search result by using the Google

01:23

operators to filter your search results

01:26

so without being said let me show you

01:28

examples on how you you can do this now

01:31

since Google is one of the most popular

01:33

search engines we will be relying on

01:34

Google for the purpose of this video and

01:37

to make this video not very long so if I

01:40

just search for my name for example

01:42

saraj and hit enter we can see that we

01:44

get like

01:46

250,000 search results and we can see

01:49

that these are searches that are related

01:51

to me as you can see I have posted

01:54

something on Z security I have a

01:55

LinkedIn account this is not my Facebook

01:58

account Etc but but this is not a very

02:01

efficient way because you don't want to

02:02

look at 20 250,000 search results so one

02:05

of the most important Google operators

02:08

that you can use to nor done your search

02:10

result is putting the text between two

02:12

quotation marks so in this case if I put

02:15

s Sage within two quotation marks Google

02:18

will only look for this name it's not

02:21

going to look for anything else I hit

02:22

enter we can see that right now we have

02:26

7,90 search result which is way less

02:29

than before four which is why it's very

02:31

important to use the quotation mark Now

02:34

by looking at the first search result we

02:36

can see that we have a LinkedIn account

02:38

which is my LinkedIn account and we can

02:40

see that the username is s SJ so what we

02:44

can do is that we can tell Google to

02:46

look for this username in the URL and by

02:49

doing this we will see where this

02:52

username is actually used so if we say

02:55

for example in url and then s saraj what

03:00

this is going to do is that it's going

03:02

to look for this username in the URLs

03:06

and we can see that we only have five

03:07

search results the only account that I

03:10

have is this one this LinkedIn account

03:12

the others are not mine but we can see

03:15

how much effort we have saved this is

03:18

why it's very important to use Google

03:20

operators because it will narrow down

03:22

your search result and it will save a

03:24

lot of time so another very important

03:26

operator that you can use is called site

03:29

which will serve SE in a specific site

03:31

so let's say that you are looking for s

03:33

in Facebook instead of going to Facebook

03:36

and search for S which is something that

03:38

you can do you can actually use Google

03:41

search engines to do so but you may ask

03:44

and say hey why would I even go and use

03:47

Google if I have Facebook I can just go

03:49

to Facebook and then search for this

03:51

person and the answer is when you search

03:54

for this person in Google sometimes you

03:56

will find some cashed results and if the

04:00

person has deleted a

04:03

post or a comment then they will appear

04:09

on the Google search engine so in this

04:11

case I have specified the website that I

04:13

want to look in and I want to search for

04:16

the string s saraj or the text S saraj

04:19

I'm going to hit enter and we can see

04:21

that we have 165 search results instead

04:23

of

04:24

250,000 and we can see that we have the

04:26

username s SJ and we have other people

04:29

who are named also s saraj now what I

04:32

like to do is just to go to images and

04:34

see what information I can find here

04:36

because sometimes you will find images

04:39

of the people who posted something for

04:41

example or maybe s saraj has commented

04:44

on pictures so if I clicked on this m

04:48

MSI laptop and then clicked on here it

04:51

will open this post and you can see that

04:53

the post is actually not posted by sad

04:56

saraj you can see that it's might be

04:59

something in the comments and if I

05:01

scroll down a little bit I can see that

05:05

sad SJ is actually in here or I can say

05:08

uh contrl F and inside and I will be

05:11

able to find him and we can see his

05:13

comments now this is not something that

05:15

this is something that you cannot see

05:17

when you go to Facebook because the

05:20

group could be private Etc and this is

05:23

why Google is very important and if you

05:25

went to All For

05:27

example you can go and and see if they

05:31

have posted something and see whether

05:33

this page is actually cached so you can

05:35

click on this dots and then click on

05:38

here and this one is not cached so I can

05:41

scroll down a little bit I can click on

05:43

here this one is cached I can open the

05:46

cached version so if they have deleted

05:49

their comment you can find it actually

05:51

in here you can see that this is the

05:53

mobile version if I scroll down we can

05:55

see that he have mentioned somebody

05:57

called Omar sharov so this is why it's

05:59

very important to use Google search

06:02

engine or the Google operators now if

06:04

you would like to search in multiple

06:06

websites what you can do is just say

06:08

site and then the domain name or site

06:12

and then the domain name in this case I

06:13

said look for sat sage in Twitter or in

06:17

Facebook and when I hit search I can see

06:19

that I have 140 search results now if we

06:23

look at sad saraj in Twitter for example

06:27

going to hit enter and scroll down we

06:29

can that we only have like four search

06:31

results we can see that somebody here

06:36

like mentioned me or did something if I

06:38

clicked on the post or the URL it will

06:42

redirect me to the profile of the person

06:46

and I can search in his profile where he

06:49

mentioned me as you can see he mentioned

06:51

me right here or I can open the cashed

06:53

version as we have done before which

06:56

will make it very e easy for me as you

06:59

can see here's the tweet that he did to

07:02

mention me now the second very very

07:05

important Google operator that you need

07:07

to use is the and so I'm going to say s

07:10

SJ and ENT so it will only give me

07:13

search results of this name and this

07:16

keyword so since I do ENT videos then

07:19

it's going to show me where this person

07:22

has appeared with the keyword ENT and as

07:25

you can see we have

07:27

330 results now if I removed this and

07:30

only looked for sat saraj we have more

07:33

than 7,000 results now the way you can

07:36

use this is by adding the person's name

07:40

and then add the city or the country

07:43

where he lives or she lives and

07:46

therefore you will get only information

07:48

that are related to these two key wordss

07:52

for example I can say s SJ and and

07:56

Germany I don't know if I'm going to get

07:58

anything but I just try it and as you

08:01

can see we can only see that we have

08:03

five search results we can see this is

08:06

my blog and this is something something

08:09

that's related to me as well I found

08:11

this method very very effective because

08:13

if you have a very popular name like

08:16

John Smith then you need to narrow down

08:18

the search results because if you didn't

08:20

do this you're going to waste a lot of

08:22

time the last thing that I would like to

08:24

show you is the Google hacking database

08:27

and this database contain many Google

08:30

doors that you can use to find certain

08:32

information for example you can find

08:34

publicly accessible cameras you can find

08:37

maybe databases you can find usernames

08:40

passwords everything using the Google LS

08:44

now in this example I would like just to

08:46

show you a demonstration and here are

08:49

all the new recently added Google dorks

08:53

you can basically just copy it and test

08:55

them on your own and in this example I'm

08:58

just going to look for online accessible

09:00

cameras and one of the Google dorks that

09:03

I've tried is actually this

09:05

one so if you have copied this Google

09:08

dork and put it in Google we can see

09:10

that it's actually very simple we're

09:11

only looking for view. shtml in the URL

09:16

and the keyword camera so let's do this

09:19

and here are the search results and if

09:21

we open this one for example we can see

09:24

that this is an axis uh camera I believe

09:28

and we can wait a little bit and see

09:30

that this is actually a live camera that

09:33

we were able to see just by using this

09:36

Google D and you don't have to enter any

09:39

password or username to view this camera

09:43

and as you can see we are able to view

09:46

the footage of this camera without

09:48

ending any username and password and

09:51

here's a challenge for you if you were

09:53

able to

09:54

geolocate this image or this video then

09:58

please tell me in the comments

10:00

section and how you have done it I'm

10:03

very interested in this so that's it for

10:05

this video if you liked it and learn

10:08

something new don't forget to like And

10:11

subscribe to the channel I'll appreciate

10:13

this a lot and Google will

10:16

just uh recommend my videos to other

10:18

people who are interested in oen thank

10:21

you so much for watching and I'll see

10:23

you

10:28

soon

10:30

[Music]