1. Home
  2. Training Library
  3. 2. Reconnaissance

How To: Google Hacking

Developed with


Cyber Primer Online Learning

The course is part of this learning path

How To: Google Hacking

Course Description

This module will introduce some techniques used for reconnaissance and social engineering. The software simulations introduce some of the methods and software that can be used in reconnaissance.

  • Reconnaissance 
  • Social Engineering
  • Twitter Profiling  
  • Google Hacking  
  • Maltego  

Intended Audience  

Although perceived as an IT issue, cyber security is, in fact, a subject relevant to all business units. Cyber Primer is aimed at anyone with an interest in cyber security, whether they are looking to pursue a career as a penetration tester, or just want to get a feel for the world of cyber security.


There are no prerequisites for this course, however, participants are expected to have a basic understanding of computers and the internet.


We welcome all feedback and suggestions - please contact us at qa.elearningadmin@qa.com to let us know what you think.


In this video we'll cover using Google to find files a website thought it might have hidden. Here we are at Google. Google is the world's most used search engine, but unbeknownst to most users, is the ability to use Google's search power for more specific searches than are typically used. The power that we can use is called, a Google Dork, also know as an advanced search operator. These can be used in the reconnaissance stage of the cyber kill chain, or used for general opensource intelligence, or OSINT. You should investigate these advanced search operators, but for now, let's do a quick test version of some of them. I'm now typing into the search bar, filetype:pdf to search for PDF files. I'm also typing site:qa.com. Let's see what we can find available on our website. Here we have all of the PDFs being returned. All are publicly available and accessible from the QA domain. This can be quite powerful, because we will be able to find information that shouldn't be publicly available for an organization, or on an individual's website. These advanced operators can be found in GUI mode by going to settings and advanced search. You can see here that what it has done is that Google has filed out this advanced search page with the information we provided in text format and placed it into the various fields. Here is site, with domain being QA.com and also the file type is Adobe Acrobat PDFs. Lets add another tab. There's another website available to us called, the Google Hacking Database, run by exploit-db. Now, when we go here, we'll find that we can use lots of these advanced search operators, or Google Dorks for opensource intelligence. Collated at the Google Hacking Database are various pre-compiled search strings for different types of information. As you can see, we have information about sensitive directories, such as info login portals, vulnerabilities, the list goes on. Let's click on files containing juice info as a category. And then we will click on intitleindexof"userpass.txt". Just like that you can see that the Google search is already there for us to click on. It opens the Google search and we're able to see files of the same nature directly there. You could edit the term to narrow, or broaden the nature of the searched text. Here is a screenshot of the advanced search operators and that's a brief overview of using Google Dorks.

About the Author
King Samuel
Cyber Security Trainer
Learning Paths

Originating from a systems administration/network architecture career, a solid part of his career building networks for educational institutes. With security being a mainstay his implementation he grew a strong passion for everything cyber orientated especially social engineering. The educational experience led to him mentoring young women in IT, helping them to begin a cyber career. He is a recipient of the Cisco global cyber security scholarship. A CCNA Cyber Ops holder and elected for the CCNP Cyber Ops program.