# 1. Footprinting through  Search Engines

{% embed url="<https://youtu.be/E2qJItkNca0>" %}
Search Engine Techniques and Advanced Google Dorking: Ultimate Guide to OSINT
{% endembed %}

## 1. Gather Information using Advanced Google Hacking Techniques

```
intitle:login site:eccouncil.org 
```

```
ceh filetype:pdf 
```

```
intitle:login site:.pk
```

**cache of a site**

```
cache:eccouncil.org
```

**in URL and allinurl**

```
inurl:certification site:eccouncil.org
```

**Other Dorks**

```
intitle:
allintitle:
anchor:
inanchor:
allinanchor:
link:
related:
info:
location:
```

**Sql  injection**

```
inurl:page.php?id= site:.pk
```

<figure><img src="/files/TJ6JnriJPwohk5J4clEO" alt=""><figcaption></figcaption></figure>

* **cache**: This operator allows you to view cached version of the web page. \[cache:[www.eccouncil.org\]-](https://ceh-practical.cavementech.com/module-2.-footprinting-and-reconnaissance/http:/www.eccouncil.org]-) Query returns the cached version of the website [www.eccouncil.org](http://www.eccouncil.org)
* **allinurl**: This operator restricts results to pages containing all the query terms specified in the URL. \[allinurl: EC-Council career]—Query returns only pages containing the words “EC-Council” and “career” in the URL
* **inurl**: This operator restricts the results to pages containing the word specified in the URL \[inurl: copy site:[www.eccouncil.org\]—Query](https://ceh-practical.cavementech.com/module-2.-footprinting-and-reconnaissance/http:/www.eccouncil.org]—Query) returns only pages in EC-Council site in which the URL has the word “copy”
* **allintitle**: This operator restricts results to pages containing all the query terms specified in the title. \[allintitle: detect malware]—Query returns only pages containing the words “detect” and “malware” in the title
* **inanchor**: This operator restricts results to pages containing the query terms specified in the anchor text on links to the page. \[Anti-virus inanchor:Norton]—Query returns only pages with anchor text on links to the pages containing the word “Norton” and the page containing the word “Anti-virus”
* **allinanchor**: This operator restricts results to pages containing all query terms specified in the anchor text on links to the page. \[allinanchor: best cloud service provider]—Query returns only pages in which the anchor text on links to the pages contain the words “best,” “cloud,” “service,” and “provider”
* **link**: This operator searches websites or pages that contain links to the specified website or page. \[link:[www.eccouncil.org\]—Finds](https://ceh-practical.cavementech.com/module-2.-footprinting-and-reconnaissance/http:/www.eccouncil.org]—Finds) pages that point to EC-Council’s home page
* **related**: This operator displays websites that are similar or related to the URL specified. \[related:[www.eccouncil.org\]—Query](https://ceh-practical.cavementech.com/module-2.-footprinting-and-reconnaissance/http:/www.eccouncil.org]—Query) provides the Google search engine results page with websites similar to eccouncil.org
* **info**: This operator finds information for the specified web page. \[info:eccouncil.org]—Query provides information about the [www.eccouncil.org](http://www.eccouncil.org) home page
* **location**: This operator finds information for a specific location. \[location: EC-Council]—Query give you results based around the term EC-Council

{% embed url="<https://www.exploit-db.com/google-hacking-database>" %}
Google Dorking Cheatsheet
{% endembed %}

## <mark style="color:red;">2. Gather Information from Video Search Engines</mark>

**Youtube metadata**

{% embed url="<https://mattw.io/youtube-metadata/>" %}

<figure><img src="/files/B1z00hcUIvxuJcyFbMyu" alt=""><figcaption></figcaption></figure>

Other similar sites

{% embed url="<https://www.google.com/videohp?hl=en>" %}

{% embed url="<https://video.search.yahoo.com/>" %}

{% embed url="<https://www.videoreverser.com/>" %}

### [https://ezgif.com](https://ezgif.com/)

## <mark style="color:red;">3. Reverse Image Search</mark>

{% embed url="<https://tineye.com/>" %}

## <mark style="color:red;">4. FTP search</mark>

{% embed url="<https://www.searchftps.net/>" %}

{% embed url="<https://www.freewareweb.com/ftpsearch.shtml>" %}

<figure><img src="/files/41JjDz5KiH0KWyzyD6PS" alt=""><figcaption></figcaption></figure>

## <mark style="color:red;">5. IOT search Engine</mark>

{% embed url="<https://www.shodan.io>" %}

{% embed url="<https://search.censys.io/>" %}

### Best CEH Practical Preparation Course

{% embed url="<https://www.udemy.com/course/ethical-hacker-practical/?referralCode=289CF01CF51246BCAD6C>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ceh-practical.cavementech.com/module-2.-footprinting-and-reconnaissance/1.-footprinting-through-search-engines.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.