The terms Google hacking, Google hacks, or Google dorking refer to attacks that use Google or another search engine to find vulnerable web servers and websites.
Google hacking is based on inventing specific search queries, often using wildcards and advanced search operators (such as intitle, inurl, intext, filetype, and more), to locate badly configured web servers and web pages that expose sensitive information. For example, a search for
site:*/signup/password.php could reveal all pages that contain login portals.
Note that some sources may wrongly use the term Google hacking to refer to SEO poisoning. Google hacks may also refer to specific one-time hacks in the past such as those on Google’s image search, Gmail, or Google Maps.
The Google Hacking Database
The Google Hacking Database (GHDB) is a compendium of Google hacking search terms that have been found to reveal sensitive data exposed by vulnerable servers and web applications. The GHDB was launched in 2000 by Johnny Long to serve penetration testers. In 2010, Long turned the database over to Offensive Security and it became part of exploit-db.com. It was also expanded to include not only the Google search engine but also other search engines like Microsoft’s Bing as well as other repositories such as GitHub.
Some of the categories of search engine queries in the GHDB include:
- Product-specific advisories
- Error messages that contain sensitive information such as directory paths
- Files with sensitive data, passwords, and user names
- Sensitive online shopping data
- Detailed information about web servers
Testing for Google Hacking Vulnerabilities
The most effective way for webmasters to prevent Google search hacks and maintain general information security is to run automatic tests for vulnerabilities. A web vulnerability scanner, such as Acunetix, will crawl each page of a website and check for vulnerabilities that are often reflected in search engine queries (for example, misconfigurations and publicly accessible resources) as well as many other vulnerabilities such as SQL injections and Cross-site Scripting. All you need to do later is fix these vulnerabilities.
Frequently asked questions
The term Google hacking means hacking using Google. A Google hacker creates search engine queries that let them find insecure web resources, which have been indexed by the search engine.
The correct term for Google hacking would be search engine hacking. Google is simply the most popular search engine and has the most advanced queries. You could do Google hacking with Bing, too.
To not become a victim of Google hacking, make sure that your web resources are secure. The best way to do it is by using a vulnerability scanner. For example, a vulnerability scanner will show you if you expose sensitive information by mistake.
Google hacking means using Google to perform hacking activities. Hacking Google means finding vulnerabilities in Google services. There are security researchers who find vulnerabilities in Google using Acunetix and claim bounties from Google.
Get the latest content on web security
in your inbox each week.