A hacker's favourite exploit. Why risk detection by scanning a company's internet footprint when Google's done the hard work for you?
Google dorks are a list of search requests that pick up sensitive information unwittingly exposed to the unsuspecting world by careless employees.
Discovered by Johnny Long back in 2002, Google Dorking is still very much alive. The power and flexibility of the Google search engine makes it difficult for companies to ensure that they're not exposing any sensitive data, however sometimes it's worryingly easy. A simple search query such as:
is often all it takes to find vast quantities of social security numbers stored in publicly accessible files. Similarly, queries such as:
intitle: "index of" password
have been known to uncover user password lists.
For more information about Google Dorks - Google it!