0x00 Preface
Search engine syntax is a tool that should be used a lot but has been ignored by me. It can meet some special needs to a large extent, such as: finding the website background or uploading file pages when infiltrating.
At present, the main commonly used search engines are baidu, google, and bing. The syntax of each search engine is slightly different, but many are very similar. Because google is often inaccessible in China (for example, I use a Chromebook now, and take notes at home). I can't use goole before I get FQ done at that time), so baidu is still the most commonly used search engine.
0x01 Common search engine syntax
1.site
Scope the search to a specific site. But sometimes you need to find some special documents, especially for professional websites. Reasonable use of site can make you get twice the result with half the effort.
Example:
#Search only content in freebuf # site:freebuf.com penetration
Notice:
- Do not bring http://
2.intitle
Limit your search to the title. In general, the title is the outline of the entire article. Using this method can help you quickly find the article you need.
Example:
# intitle: blog.csdn.net penetration
3.inurl
Used to search for URLs contained on web pages. This syntax is useful for finding searches on the web, help, etc.
inurl can query the inclusion status of specific pages of the website
Example:
# inurl:hao123.com
4. Brackets, double quotation marks, or title number
Exact matches can be used to narrow the search.
Example:
# [java virtual]
Notice:
- The title number has two special functions in Baidu. First, the title number will appear in the search results;
- The content enclosed by the title number will not be split, which is especially effective when querying movie books.
5.filetype
Search for files with the specified extension
Example:
#Find Baidu's pdf files # site:baidu.com filetype:pdf penetration
6.index of
Index of can retrieve the content of the servers that allow directory traversal, and get the resource list of the website.
Example:
#Search for websites that can directly download pdf resources # index of pdf
0x02 Hacker’s Way
Find backend
# site:xx.com intext:admin # site:xx.com inurl:login # site:xx.com intitile:background
0xFF Summary
At present, only the used content is recorded and summarized, and mainly baidu, which will be added later