The Google Hacking Database (GHDB) is a categorized index of Internet search engine queries designed to uncover interesting, and usually sensitive, information made publicly available on the Internet. In most cases, this information was never meant to be made public but due to any number of factors this information was linked in a web document that was crawled by a search engine which subsequently followed that link and indexed the sensitive information.
In simple words GHDB is an information gathering technique used by an attacker for advanced Google searching. GHDB Search queries are called as a Google Dorks. Google Dorking is Googling with specific search strings that can force Google to return a specific result.
For example: inurl:”.php?id=” “You have an error in your SQL syntax”
This dork allows us to find websites that are possibly vulnerable to SQL Injections. This Google hacking query can be used by attackers to gather security vulnerabilities in web applications.
ESDS VTMScan Detection Techniques
- ESDS VTMScans 14000+ Google Dorks
- ESDS VTMScan uses well-known web browsers to collect GHDB results.
- Some of the ESDS VTMScan categories of Google Hacking Database include:
- Files with sensitive data, passwords and user names
- Vulnerable servers
- Error messages that contain useful information
- ESDS VTMScan scans the website and ensures website security by automatically checking over 14000+ Google Dorks.