On Cyber War
TwitterGitHubLinkedIn
  • Welcome
  • Source Zero Con References
  • 1. Reconnaissance/ OSINT
    • Information gathering
    • OSINT tools
    • Search Engine OSINT
    • Sock puppets
  • 2. Scanning
    • Host discovery
    • Port Scanning with Nmap
    • Nmap Scripting Engine
  • 3. Enumeration
    • 21 - FTP
    • 22 - SSH
    • 25 - SMTP
    • 53 - DNS
    • 80/443 - HTTP(s)
    • 111 - NFS
    • 135 - RPC
    • 139/445 - NetBIOS/SMB
    • 161 (UDP) - SNMP
    • Wordpress
    • Finger (Solaris)
    • Active Directory
  • 4. Exploitation
    • Public exploits
    • Web application attacks
      • Command injection
      • Cross site scripting
      • Directory traversal
      • File inclusion
      • SQL injection
    • Password attacks
    • Buffer overflows
    • Active Directory
    • Metasploit
  • 5. Maintaining access
    • Upgrading simple shells
    • Reverse shells
    • MSFvenom
    • File transfers
    • Linux privilege escalation
    • Windows privilege escalation
    • Tunneling/Port Forwarding
  • 6. Miscellaneous
    • Connections
  • 7. Walkthroughs
    • HTB - Blunder
    • HTB - Haircut
    • THM -HackPark
Powered by GitBook
On this page
  • Search Engine Operators
  • Important links
  1. 1. Reconnaissance/ OSINT

Search Engine OSINT

Search Engine Operators

Search engine OSINT is a collection of techniques that use search strings and operators to refine search queries. There are numerous useful operators that can be used to search for specific information about a site, domain, or company. These operators will differ for various search engines, the examples below apply specifically to Google.

  • AND includes all specified keywords in query (cyber AND war)

  • OR searches for the presence of one keyword or another (cyber OR war)

  • " " searches for a specific pattern of words

  • Site limits searches to a single domain. site:Microsoft.com

  • Filetype limits searches to a specified file type. site:Microsoft.com filetype:php

    • You can also exclude specific file types using site:Microsoft.com -filetype:html

  • Ext is useful to identify which programming languages are used on the site. site:Microsoft.com ext:jsp, ext:cfm, ext:pl

  • Intext identifies pages with specific terms in the content of the page intext:"term to search for"

  • Intitle identifies pages with specific titles or content. site:Microsoft.com intitle:"index of" or "parent directory"

  • Inurl searches for specific terms in a URL inurl:"keyword

  • Cache searches Google's cached pages. cache:Microsoft.com

  • Limit search to a single domain site:Microsoft.com

  • Filter specific subdomains site:Microsoft.com -site:www.microsoft.com

  • Filetype: limits search results to a specified file type site:domain.com -filetype:html

  • Ext: useful for discerning programming languages used ext:jsp, ext:cfm, ext:pl

  • Intitle: can help identify pages with specific titles or content Intitle:”index of" "parent directory"

Important links

PreviousOSINT toolsNextSock puppets

Last updated 3 years ago

Google hacking database:

Google -

Google Advanced Search -

Google Search Guide -

Bing -

Yandex -

DuckDuckGo -

DuckDuckGo Search Guide -

Baidu -

https://www.exploit-db.com/google-hacking-database
https://www.google.com/
https://www.google.com/advanced_search
http://www.googleguide.com/print/adv_op_ref.pdf
https://www.bing.com/
https://yandex.com/
https://duckduckgo.com/
https://help.duckduckgo.com/duckduckgo-help-pages/results/syntax/
http://www.baidu.com/