 Hello students, I welcome you to my this course Well, this course is about information gathering So we just named that Google hacking exploit databases So we are looking forward to into the more deeper and deeper So let's first look up to some slideshow that I have and we will go Directly to the practical. All right, so this is more importantly before you're going for cybersecurity or in a joining any courses related to information gathering or Some of like the ethical hacking or anywhere the possibility will be help you any Domain you're working for how they you may have any websites. You may need to analyze or Get some information from the wave or so on Google So Google actually doesn't tell you to have what the information you are asking for they will Provide you the information The clients it depends upon the location depends upon the climate and depends upon a lot of things So we will look up to that and let's not waste of time and just let's start it with information gathering with Google first like terms that I use is that Hiking Google database is not actually like regarding the hacking It's just right now like a cradling through the Google Databases so we have a lot of bunch of amounts of data in the Google server So what are we doing in that Google stands to get a client's data and that will be indexes like a page So it will be right Google. What did they do that? It will write a page It will look so it's simple example that you have a page of book, right? So what do you do? You do write something like a topic on the ball heater pile and the below is there a container or data Whatever, so that's simple like it is called index So that's Google indexes into their servers and then we show you by the topping name you are searching for so let's see So Whatever that I'm going to show you in this first slide is that I'm explaining all the things How does indexing and Google information with the work? so SEO you might have heard that Search engine optimization a lot of people or those having a website or Something like up. Yeah, I wanted to make their website on top and prioritize. So what they are looking for an SEO That's the key word. So possibly what are we looking for the information gathering is about the key words So we are waiting for to play with a lot of keywords And I will show you the some of the websites those give you an information about the Websites information about how you can search and more pro like a more proficient and apparently You can get a lot of databases from the Google with this search and I'm going to show you this is a note None of any warning you kill can tell you this is information how to get a crowd through the web So let's start In the next slide So welcome back So information gather with Google is that actually to talk and I miss write a variety of information Do we just possibly exercise? So it is sophisticated mechanism to get an external certain result Which are looking for into the tens of websites and tons of information that Google indexes, right? So let's start with the next to general information why Google so it's only returned by just way using only Google that You must say that Google we can't doubt on that because it is more and more Propound company that has a lot of information. Everyone use it. So we are only using Google there are part of the Google There are sites like a bean and Duck-Duck go this is a private website. So did we give your privacy, right? So you can use also duck-duck go So this is not a prop only we show you the index and pages What are you looking for in duck-duck go because they are there are a lot of prominently working on the privacy So they will look and show you the pages. They are They are all indexed, right? So let's look it So why Google's upper-south sign summary So information getting what information gather is the greater part of persistent hacking a trial higher System you can see it all gathering information without appropriate investigation. So so this is the passive passive type of Information gathering and I also like I will tell you how to act you bad type of information you will get So what is there two types of information that is a passive type and the activity so passive type is that Without letting him know the right way So active is that you or go through the websites or I go through the Google and just search for any keyword What do we want it and you just type it and you will get a That's sort of data for information, right? So in the pages are directly under your web Page, right? So in the browser. So what is the passive data? So in in between the active? Type of data you are interacting with the website like so in type of the passive You are not interacting with your website because you're hidden something like a VPN or you may use a colonics or sometime like someone is Like not interacting directly. So we look up at that all the things alright So there are the bunch of their websites who look up to the and we can search for it and Go forward to crowd some of the websites. So we will plus the information gathering with the Google is all about I'm going to show you We ease and then let's look up that probably in as report. These are the some other websites. Let's Jump to the practical. So Just search for this look up or at the first website. You say just go it for who eats also is Please dial. All right. This sounds like not secure So it's for we eat and just first Oh, what? All right, so here you have so if you wanted to search for a Pack with on certain kind of information, you can go to the This all type. So you just type in the host the next local to the cell any type of server And the next domain or anything whatever and just query or the DS server for timeout And it will give you the how it is look up the tools that provide you following the mental look up the information about All right. So we are going for who is look up IP. So I'm going to show you an example Just type in example that come I get a certain Rises so we have one website. I don't know which where it goes to but I just how to use it for All right, so example diamond is not a well What you say is this domain is not for use Australia examples document You may use the domain illiterate a little without prior for the nation on asking for permission. All right So now the websites are right here. This is insecure. All right So we we have got here is a bunch amount of information from the DS server So the registration so we what we got is update date The word in the upside update a creation date when the upside of credit Registration that when the server's register email number the most amount of the information is Probably that will be shown right here All right, so you can use this will use that night and after that I'm going for a crack This mostly used in a while So it just go on resource size for Nina side report. You can go in for side report And here we have All right, so I'm just gonna example Example dot com Alright, so here we go and just there are a bunch amount of the information on the site So you're looking for example that come only Oh So host name and example dot com side reports you can download the side reports where we have So here you've got example dot com side reports All right, so you got a bunch of one example side reports example dot coms What do you have God? Let's say that all right today love first thing in December 99 high In example net burner, so you got a net owner and go through it Example dot com you got a few rates also All right, so I'm just gonna let's hug. All right, so this is a company where it's on You got a you does this hosting country And the NS is unknown so you can look up to some other website You can get a DNA so this DNA storming you got a org I've used six of races for this website and also this is a Trace route. So how the websites can from Google databases to servers to your Voting, all right Let's see for next slide So I'm pushing down need to Google What are these stages of Russian gathering is gathering information locating the network range identifying active machines finding open force and application detecting operating systems Fingerprinting services mapping the network So using Google direct search operators So we will use a formation that broke all dark switch of red the four of these before I'm gonna show you the one website that will feature some of the email addresses from any kind of website So this is the one website down to that I L all right So if you have just a sign up so this website figure a bunch of amount of email addresses You just open or maybe public or maybe hidden from certain kind of websites. So we'll look up to the example Example that Let's see So, all right, so we don't got it that Or taste a lot All right, so here we go So if you just put it down, I believe that some websites Domain and you got a bunch of the email addresses related to the website and you would even redirected to directly to the web pages Where the email address existed? All right, so you can take it for For your references if you just sign up here, you will get all the email addresses in your Right, so So using google dork search operator. Let's see what we can do by dork. So this is a Using the search operators What are they the weirdest of search of google or consultation terms or symbols that carry out spatial actions So this operator's goal to be what do you look for in a great size way offering additional control beyond the page search So dork search operator, what do we have this quotation mark in the book? What is your mark in between you will use a certain keyword To express some more literal. So Example you have got a coupon due to Valentine, right? So I start explore all set losses of titles words So you can unload this way to search this right? so Example go and security conference could come hacking So there's all those some basic operators how you can search for So or symbol is for pipe or a pipe you can condition or indicate stats You can know the symbols and is the word in which results or the search but the search on the one time And separated will be specified operator or moment to turn that you should complete this approach All right, so cocoon or security comparator. So you can just use the pipe symbols So operator infinitely it's a tilt it allows to look for synonyms of a term synonyms of the security So whatever the rest of the synonyms for security, there are a lot of hanging on say anything They will show you all right ranges number So you just station mark any IP address you just looking for you just type in there and you will get our related IP addresses So there's all the bench amount that the direct search operator in anchor in tax in title any URL link file like point book info So what are they looking for a certain information you are looking for? So look so in text, so what in text is that If you are looking for a text format, so you just type in a keyword in text Coulon or whatever the keyword you wanted to search for so in title What is a google in title or any website? So let me tell you what it is So you can't understand it better way So just going for search for example All right So this is a way How google will show you someone's part of information So google this is all kind of index pages and this is the one topic that you are looking for the example So what he indexed show is about there's a literal websites Uh, here you have a valid website. So which are www.marenwebster.com and directory So what is this this is a website? So this is a website directory of this maybe kind of domain, right? And this is a title of the website page of the man whatever This is title equal in title. So if you are looking for in title like this Just just certain examples like these you just type in in title In title example like this So wherever the example will appear will be show you on the top of this website. Here you go Just www.marenwebster.com here you go is sample the example marenwebster See that got that still like so we aren't going for indexing so In site if you just type inside So it will look for site related to example So like look this example since the site is inside inside example So in title in title also represent this title the examples of sites I just want to for it title And here you go. You just got this first exciting mirror title is the example all right So we're going for Much more about this So the first important channel with google is anchor in anchor So you fuse in anchored colon and whatever the keyword you want So it will only show the pages that have the keyword So in the text of of the link so the point or based on the back links or external links So I will show you how anchor does work So there's certain information you just go for any websites And I will show you how to Get the source code of the website just type control plus even you get the source code There's the anchor. So I'm just gonna find the anchor Let's see if we got okay. Here we go So there is anchor in between So here are the keywords anchor where the keywords. So we just need to find out the where the keyword is So there's information a lot of resources. So here we go So here is the example the keyword. This is the anchored keyword Which will if you just type in here that it's anchor Just wait a minute in anchor Sample the same website will be goes for the top In anchor. So there is an example the keyword in this website page In code, right? So you can just see the crowd through the websites in this there are a lot of you wish you can get by this anchor code, right? So we are looking for the most important and mostly fascinating information gathering from websites like show run that I'll and I'll show you how you can access some vulnerable information from all over the world. So and also a password and user names from Park containing So let's see How you can use what we can find is a one number products. You are missed. Just follow the conditions information Follow the password user name Information access pages access forms in a valid data vulnerability directory since you directly assist the information e-commerce and backing your voice is only available in the virtual files when the browser is the direction of web servers So this is a php-word. We'll go forward and This this is a one configuration. So which is a vulnerable one file type. This is a computer command. You got it Anyway, I'll just go that error plus text index the php info. You will get this part So You can also crowd through local hosts using password now. I'm going to show you Uh Accessing for user using password, you know, this I'll be going to show you in exploit db database is google in next session, all right And just keep him for it Uh file that contains passwords So here we have this password. So xml this is the xml piece of the code That contain a password. So how how I show you that control plus a you If you just type a back encoder of any website, you will get a lot of information that I already told you that So this is a more lot of information. You can also crowd like this one this night Already there we go So I just want to index uh Any server any no, all right just a php paul php. I'm just going to type dot php login php and file type So I'm just gonna go for index uh in in uh Him title I'm going in title. I'm going for password in url password So these are the some websites that we show you It's great. All right. So just one go for this dashboard All right, so I don't need this just not one Are looking for in your house in your house or to lock site I'm just going to for password All right So I'm going to tell you how you can index this force. I'm going for a movie I just have a new index cool movie So there are a bunch of the websites will come and the first time choosing So this will be prompted directly or maybe not All right, just taking time Looks like it's not going to sell you All right, so here we have some bunch on your this is directly directly tp This is part transfer protocol we use and you can also search for the config file Which is database file. You can also get a password which is a hash And username also for this website. You just type here in admin dot Dot php this website exists in php. We get the admin panel And you can log in into it So all right, so you can also get this a lot of information from indexing movie whatever type You will get a bunch amount of the information from these websites. All right So next we will look up to the how you will search for and uh showdown so Some camera So we're going to get you with some camera rolls on live Or showdown you just go for showdown and just type password And here you got a bunch amount of website which is out like this data publicly So you get some IP addresses and you have the passwords some uh, well See that if there is this is all header files from this website Redacting all right Special incorrect. So just look for all right some kind of error So you need to log in for more so all right, so I'm just going to post cctv So you get a cctv camera See that get from just do not Let's see this one All right, so it's not working We need uh, all right score this we need uh halveen And never all right, so it's not gonna work 1 3 4 pi So you need to try the before seeing this website to get access to this So you can find out the much more the public Assist the camera there are 100 and 53 there are 1,053 uh total searches So there's a bunch of online browsing short and can show you Show one over website. So just type one level Where you site all right, so sorry And here you go. Here's the poor vertex. All right You can just uh, I go on front later at least so the vulnerable website you can type And you get the information what you can search for here is that if you just type your website and look up to that Yeah, if your website has the vulnerability or not with people searches all over the world, we'll be sure right here The example that count the wherever the prompt will get you will get a lot of information on this showdown also, all right This is the fourth is So I am going to show you here how you can get a ccd camera ccd access Let's see if we get it So you just type in the access and you will get a super epic camera access Right here. All right, so a bunch of amounts of type here You can just type in and you will get a power to live camera. All right, here we go This one live camera And you can just throw on us throughout this. Uh, this is how you can search that if your camera is open or public Okay, just type in index and whatever the camera you have So it should be ever the camera's name, whatever All right So looking for code or google provides a simple way to find vulnerability in the software through the google code search You can find vulnerability in the code sources. So this is the website just write it and note down www.google.com. Go to search Slash code search and if you just type and go for it So this is how it looks like if you wanted to search for a particular sort of piece of the code And you just type in here and they show you the advances code search And the website containing this code So one fun one though to find the bug or vulnerability if this code is existing the database of this your website On pages you can just count it out right here So this is a jiggly query parameter This is cross-site 15 php code If this found your website is vulnerable to this Code as we can make it a hard track So I'm going to go tell you some of the tools. These are the more information as in and these are the one g y tools So the first two is we have a four google scan v1.0 The google scan is still the automatic consultation towards google Told as a scam or cgr and the communication is not made directly on the website. It is a google response Features Developing see and it's possible that had to be mudrox Atomic search and can prejudice terms the user's google. All right, so go to below Website and just download these and you can scan this code Automated securely all right So we'll scan some of the information whatever you want it through the keywords This is a symbol like site exploit db So site digger is another tool the site digger looks for and cache the web's a google to find a vulnerability errors configuration But if all and another type of information is just security on the website Features are the most improved than the before this website. All right So in free user interface signature upgrade and page results api the google doesn't require So the most of the api's report sign up for your information. They will collect your ip All right, so you are a good email addresses Poor numbers are much amount. All right. So this doesn't require api for searching or information gathering. This may be Like a active. Sorry pass you search. All right. It's information gathering So you can find a lot of information through the site digger also v 3.0 Requires microsoft.net framework. We over turn 3.5. All right We just look for that your web's uh, your old configuration is updated Site digger v 3.0 So this also it looks like this You are not installed like this So you can just type here inside domain if you install it you will see the side domain here and just type your Website if you wanted to scan for us any. All right. So you just scan it and you will get us a lot of query scan It's like your info also Okay, this is uh much more likely Latina the next tool is v version 2.0 They use this for example, but the search is again personal idea. So it works Are actually the same way that maybe you get a web All right It's a compilability with site digger Modified files. It's similar. It doesn't ai use api So if you want an xml pass to get a permission report you can use it for it So record me the microphone dot my framework. We're just 1.0. Just Remember that this is how it ui look less prominent target next to version 1.0 You're going to be carry all the pz and i find the sqli exercises for sensitive thing alify error pie All right through the google so developing c-shop and license juna Multiplier jury support for g hdb That's what we're looking for gsdb.google hacking databases In the last section because this is more prominent. It was important website You must Is visit if you wanted to search for hacking terms are the most of the File types that I will show you that most of the things will be happen into gsdb All right, stay tuned. This is more Going to be interested in that session So the good night is the capture So this is prominent dark while we're turning point one point. Oh, it looks like this one So this is a cl command use Here on stark tools is that it's extensible purpose That will use the easy the quick way through the contextual meaning to use a more than 14 doors So you can also use the extension for five folks at all advanced work So if you want the extension for chrome also, you just serve for dark for chrome extension And you will get a lot of information also from there There are more much of us Gorks So we are going for social engineering So before this social engineering, I'm gonna show you this first website Let's see in next session So we are heading for the main part of the old website that is all right exploit db TV Yes, you search for it and this first website exploit db.com. We go for google hacking databases This is the website. All right. Hi here. Good. This is the main part. We are looking for So this one website what we look for this website Uh, we'll travel through the old database of the google and search and access certain reserve for you So here we have first Turns out I will show you that you can search exploit dstp google hacking databases Shall call search edb If you wanted to use for edb for advanced searches, you can use it for you can submit and also for your Contacts here online training. It is on the stuff So we have four 15 shows for peak which is our recently other by the auto So we're gonna for first one. So we want a php index php So this is the dark. So you just copy that and go for search And you will get a some on the website that related to the search in your You can get a bunch of information right here My ticket if you want to keep open ticket I'm just gonna show you that how they work All right. So we made a pass up for this message only part All right. So you can search it for exactly how you can I hold I'm sorry I got exact results right here. Just I just go for exercising on and just take it I directly go for dashboard. You see here If I just type at home This is a Main website here you are This is the main website When you type that but without just scroll through all the website and other steps By this google dark you exactly prompt and jump on that exact result right there So this is the money use of the exploit databases, right? So you can use this for php Uh, many other informations you just search for quick search We're gonna show you what index and php file login the login dot php I'm gonna search it. All right. So here we have So admin as main letter talk login. So this is all the pile types your URL entitled so I'm gonna use for PD a file. All right. So just gonna feed it up So if you wanted to search for pdf Just go on contacts as pdf the attribute. There are a lot of information also, you know, all the government otherwise So I'm just going for uh, pdf policies when I type Uh, here we go. Just copy that and type it on search for it So here's a key id like so this keyword either sites government inside if you want to search for in government sites And you're gonna sign the policy video. There's all this pdf that you can only tell throughout it. All right. So I just wanted to site for corona And so this government so if you just type the corona So wherever related corona Or SSS inside that is a Google government. Just extension like like there it is Every website has a goal extension This is a sub domain Subdomain All right signs file. Love is a pdf. So if you want to dock it you can search for doc And we got the docs right here. All right. This is how it's working You can also search for passwords if you want to password from open From any website you start on password And here we go Switch for it Yeah Lake the passwords So you will get a password. So you can just go through all these expires or the whatever the files are there And you can find the password for the some of the websites. They'll leak the password So this is one website also wiki leaked or work. We show you the password list which are the leaked All right, so you can go and throw out and you can search for a password for any website you want So there's a lot of one one number of website password. Maybe You can search for wiki.bombs. All right, so wiki leaks the work I'm not going to all that deep So this is how it is working in just quick searches Also, if you wanted to filter it you can filter it in category pull web server detection Go over the power from the best server messages and begin with the auto type if you want it to know Who's author for that? All right So this is for today The last one is this bonus point is that I'm going to tell you one website will give you a bunch of out of the information Arcade already you might have heard that this is our cloud or the website which I'll store a lot of our kind of websites from that time travel that time particle time So this way back machine which you can Use it for some data crawling. So this is more important This is a very big stuff that I found ever because to give you a lot of information which never existed anywhere Anywhere on the internet. So this will give you a bunch of more information also So it is a free This is not copyrighted also So there may be a copyright also I'm going to tell you that if you wanted to search for how Amazon or maybe Facebook looks like in 2010 2005 So I'm going for Amazon How it was looks like in 2002 Amazon.com is server.com And just click it below Site any website you type here, there are archive files. You can use the word. So I'm going for 2002 Let's see if there is any archive file for Amazon So I'm just choosing any time Delation where the archive file is carved. So this will take a time to respond to crowd. I'm I'm just going to redirect it to this Just wait for it Here we have so you just look to here that the amazon in 2002 had no any security There is no stp. Yes. So it is just stp So you can look that So this is how amazon is to look like the website is used to look like this or it's pretty simple one You can search for books in 2000. It's a main obtain All right, so taking time I say it's not going down. All right. This is our date made time out 2000 This house is actually used to look like it's a pretty good one I am going to show you some more about that. You can also Search for any website you want If you want a video books, you can search for all books Either at the open library, you can use to download any website information you want it All right. So this is a bunch of all information they can have You can get access to all of those for your course All right. This is the internal archive. You can use it for yourself Go to it