Google Power Searching for Security Managers

By Stephen Northcutt

One of the important Operations Security tasks is to determine your organization's exposure to search engines. In the same way, you want to use search engines like Google to gather information about your competition. The most important thing we need to do in a search is to reduce the number of findings. So many times Google will return with over a million pages and this will only get worse as the Internet continues to grow. This first set of operators helps you narrow your search and then we will show a series of commands to find additional information.

ext: (extension) or if you prefer filetype: does the same thing
"data loss prevention" ext:doc the quotes are for an exact match of data loss prevention since we aren't looking for shoplifting and we want a word document
budget filetype:xls would look for spreadsheets that say budget
intitle:budget filetype:xls would look for the word budget in the title and it would be a spreadsheet
allintitle:family budget ext:xls would require both the word family and budget to be in the title and we are only looking for spreadsheets

site: sometimes I remember I have seen a file or document on a given website, so you can cut the clutter with site: defense in depth will show pages containing the words defense depth will list the major pages on the site ext:pdf would list .pdf files on the MIS Training Institute's website

inanchor: anchor is the little "a" you see in html tags, e.g. <a href="url">. This is what the blue link says, </a>
It is also helpful in finding what people are saying about you or your organization, the search:
security inanchor:sans turned up:

(fortunately, link: did not match any documents)
allinanchor: alan paller will find pages where Alan Paller is the headline
allinanchor: penetration testing will help you find links to penetration testing
As a helpful tip, when using allinanchor, don't stop at page one of your results: we once found a group selling an electronic copy of one of our books for ten dollars on page 6 of Google.

Ways to find additional information: brings up some information and then allows you to get even more will sometimes let you see a file that an organization has taken down, Google caches for a week or so can sometimes find similar sites; it can help determine who the competition is, for example. This operator is not exact, but can be an eye-opener.

link: will show the links to a given web page, this can be useful to measure popularity: