Although web sites are a brilliant way to publish information, many site owners and operators inadvertently publish things on their web site which shouldn't really be there. Such items include log files that could help a hacker locate private areas of the site, old backup files that aren't properly encrypted, database files, folders that can be browsed directly, and so on.
While it can be very time-consuming for anyone to track down these files, the good news for hackers is that search engines like Google have probably already done all the hard work. So all the hacker has to do is to use Google to search for, say, unprotected database files on a particular web site.
And that's where https://pentest-tools.com/reconnaissance/google-hacking comes in. It's a web site containing ready-made links to all of Google's most common searches used by hackers. So all you need to do, in order to test that your own web site isn't vulnerable, is to type in the site name and then click each of the links in turn. The system will initiate a Google search for your own site, and include all the additional search terms that hackers might use to find forbidden content on your site.
If you run a web site, or you know someone that does, give this a try for some added peace of mind. But if you're tempted to randomly try it against all the big commercial sites you can think of, you'd be wise not to do so without the targets' permission!
Please rate this article: