How to find sensitive data with Google Dork?

Google Dork is a search technology. When using it, we enter advanced query requests into the Google search engine to find sensitive data that has been indexed by Google due to site configuration errors, such as usernames and log files.

This data is also an important source of open source intelligence due to its technical openness. This article will describe techniques for finding sensitive data using Google Dork, which can be used by simply replacing the search target.

Google Docs

Let's start by trying Google Docs, Google's own documentation service, by entering the content:

site:docs.google.com inurl:"/d/" "example"

If you need to find information about Tesla, replace the content in quotation marks with "tesla" and then perform a search to find public documents stored on Google Docs.

Google Dork

OneDrive

OneDirve is a cloud storage service from Microsoft that allows users to store photos, files and folders.

Enter the following:

site:onedrive.live.com "example"

Google Dork

Azure DevOps

Azure DevOps is a service platform developed by Microsoft with various types of development tools, including automated build processes, testing, version control, and package management. A search through Azure DevOps may find sensitive information such as API keys, access tokens, and repositories.

Enter the following:

site:dev.azure.com "example"

Google Dork

SharePoint

SharePoint is a portal site from Microsoft that connects users and teams. With a little luck, you can search for information such as some internal communications, project plans, and employee records.

Enter the following:

site:http://sharepoint.com "example"

If you can't find results with "tesla", you can also try "tesla.com" instead.

Google Dork

Dropbox

Enter the following:

site:dropbox.com/s "example"

This time change the search target to ChatGPT.

Google Dork

Strictly speaking, however, the techniques presented here are more suited as a complementary means to regular searches than as a primary method. Intelligence and data collection always requires casting a wide net in order to avoid missing unexpectedly important information as much as possible.