Google Advanced Search
We can use Google for passive information gathering purposes. This method is a passive one, the target site doesn't know about our reconnaissance. The Google search engine provides a decent set of special directives for refining the search results to suit our needs. The directives are in the following format:
directive:query
These directives can be very profitable for searching juicy resources for a target. As an example, let's do an advanced Google search on packtpub.com that will list all indexed PDF files:
ext:pdf site:packtpub.com
In this advanced search, we utilized the ext:pdf
directive to only obtain files ending with the PDF extension and site:packtpub.com ensures that the domain we want our result to restrict to should be packtpub.com.
If we want to match a particular path in the website URL, then we can use the inurl directive:
For looking up a particular title in the results we can use the intitle directive:
Look at that! We are using a simple title search...
