"Dorking" is a technique used by hackers that utilizes search engines to discover vulnerable applications or harvest data. Depending on the search engine, certain techniques and queries are utilized.
Google hacking, or "Google Dorks," is the most well-known type of dorking. It invovles using advanced operators in queries to achieve specific results.
Locates files with filetype "php"
Locates urls that contain "admin"
Locates all pages with title containing "apple"
Only searches within indexed pages of postman.com
Note: I am not responsibile for the chaos you spew onto the earth with this information. This is purely for educational purposes :D
This will find public webcams.
.env files define environment variables. These files aren't meant to be public, and here we're taking advantage of that by searching public indexed .env files passwords.
"index of" in a page's title indicates a directory. Here, we're searching for "contacts.txt" within those public directories.
This searches for indexed pages that manage HP's laserjet pro printers. If you're feeling particularly brave, their the default user/password is "admin" & "password" ;)
While google is a general search engine, Shodan is a search engine explicitly for internet-connected devices. Shodan makes dorking incredibly powerful, as it makes finding potentially vulnerable devices almost trivial.