1
00:00:00,240 --> 00:00:00,820
OK.

2
00:00:00,840 --> 00:00:07,980
Now on to what is going to be your absolute best friend in your entire life and in your career.

3
00:00:08,250 --> 00:00:11,280
Google. Google, everybody.

4
00:00:11,340 --> 00:00:17,120
I cannot stress how important it is to be good at Googling and, you know, how to be amazing at it.

5
00:00:17,220 --> 00:00:23,840
But there are so many things that people approach me with that you can find on Google in a second.

6
00:00:23,900 --> 00:00:26,000
And if you've never seen the Let Me Google That For You.

7
00:00:26,010 --> 00:00:32,580
That's a, that's a lot of my life when it comes to the questions I get asked, and what makes a really good

8
00:00:32,580 --> 00:00:37,760
pen tester or really good anything, especially in I.T., is the ability to Google.

9
00:00:37,800 --> 00:00:44,190
So being able to look this stuff up on your own and be able to find your own resources and find solutions

10
00:00:44,190 --> 00:00:50,700
to your problems are going to make you a way better pen tester and just way better at your career with

11
00:00:50,700 --> 00:00:53,040
troubleshooting and everything else.

12
00:00:53,040 --> 00:00:57,720
So I'm done harping. I just want to stress how important I think Google is.

13
00:00:57,720 --> 00:01:03,240
So I'm going to show you today what's called a little bit of Google-fu. So I'm already out on the interweb,

14
00:01:03,240 --> 00:01:04,860
so I'm out to Google.

15
00:01:04,860 --> 00:01:11,010
And here we've got Google up, but I want to show you that I just search for Google search syntax, and the

16
00:01:11,010 --> 00:01:14,070
first one, Google search operators, came up.

17
00:01:14,280 --> 00:01:20,250
If you look at this page, this is a really nice list of some things that you can run on Google and will

18
00:01:20,250 --> 00:01:21,330
help you out.

19
00:01:21,330 --> 00:01:26,820
I'm going to show you just a few things that we can use to search for and how we can start narrowing

20
00:01:26,820 --> 00:01:28,320
down some results.

21
00:01:28,350 --> 00:01:31,860
So if we go to Google and we just type in something like Tesla,

22
00:01:34,540 --> 00:01:37,030
that's going to bring up Tesla here.

23
00:01:37,030 --> 00:01:37,300
OK.

24
00:01:37,300 --> 00:01:43,210
We found the main Tesla site, but we're going to get news articles and we're gonna get all kinds of stuff.

25
00:01:43,240 --> 00:01:43,440
OK.

26
00:01:43,460 --> 00:01:45,820
We get the Twitter, and maybe we want this.

27
00:01:45,880 --> 00:01:47,520
Maybe we do, but maybe we don't.

28
00:01:47,560 --> 00:01:48,730
We don't want all this mess.

29
00:01:48,730 --> 00:01:56,350
Maybe we only want items from Tesla, so we could just say something like site:tesla.com, which we've

30
00:01:56,350 --> 00:01:58,330
discovered here.

31
00:01:58,420 --> 00:02:04,400
And notice I'm not putting in the www, because that would limit us to that specific domain.

32
00:02:05,020 --> 00:02:12,700
So we have the www's in here, but you could see that is starting to pull in something like shop and other

33
00:02:12,700 --> 00:02:13,380
items.

34
00:02:13,390 --> 00:02:13,810
Right.

35
00:02:13,810 --> 00:02:20,090
So we can search for tesla.com and maybe, maybe we don't want tesla.com

36
00:02:20,100 --> 00:02:27,960
www. Maybe we take out with the subtract here, maybe we just take out www, and we're going from six

37
00:02:27,960 --> 00:02:33,160
hundred and almost seven hundred thousand results to one hundred and thirty one thousand results, and

38
00:02:33,160 --> 00:02:39,160
you can see now we're pulling in ir, we're pulling in forms, and we're pulling in shop. We're getting

39
00:02:39,160 --> 00:02:42,480
all these different unique subdomains.

40
00:02:42,550 --> 00:02:47,760
So I've showed you some list here and I've showed you other ways to find subdomains, including theHarvester,

41
00:02:47,980 --> 00:02:50,430
but you can find subdomains like this as well.

42
00:02:50,710 --> 00:02:57,520
And let's say you only want to find things like, you know, ir, then we can come in and we can say ir

43
00:02:57,550 --> 00:03:04,120
dot, or maybe you don't want www and you don't want ir, you could take those both out and you start

44
00:03:04,120 --> 00:03:11,410
finding more like partners that tests shop again is coming up so you can start finding different subdomains

45
00:03:11,410 --> 00:03:11,850
this way.

46
00:03:12,880 --> 00:03:13,530
Pretty good.

47
00:03:14,080 --> 00:03:16,150
Couple other things that we could look for.

48
00:03:16,150 --> 00:03:23,980
What about filetype? We could say filetype like this, and we could search for something like, I don't

49
00:03:23,980 --> 00:03:30,550
know, docx music docx out there and there's one docx case a survey.

50
00:03:30,550 --> 00:03:32,470
Probably not useful to us.

51
00:03:32,680 --> 00:03:37,450
Maybe we can search for PDF, where the company's biggest Tesla is probably gonna be a lot to search through,

52
00:03:37,480 --> 00:03:41,830
but there are thirty three hundred of these, almost thirty four hundred of these.

53
00:03:41,830 --> 00:03:50,530
So they've got different items here that we can look through, you know, maybe Excel access Excel right.

54
00:03:50,530 --> 00:03:59,580
Actually that's X, and you could see if there's any Excel and CSV. So what we're doing here, what's the

55
00:03:59,580 --> 00:04:00,540
point in me doing this?

56
00:04:00,570 --> 00:04:06,810
Well, the point of me doing this is me looking for potentially sensitive files out there or information.

57
00:04:07,100 --> 00:04:10,400
You would be surprised, a little bit of hunting on a domain.

58
00:04:10,410 --> 00:04:17,940
Now give granted here that Tesla is a big company, big domain, and it's gonna be hard to find some of

59
00:04:17,940 --> 00:04:18,660
this information.

60
00:04:18,660 --> 00:04:23,940
But you'd be very surprised, with a little bit of prodding, a little bit of Google-fu and narrowing down,

61
00:04:24,270 --> 00:04:26,930
the type of results that you can get off of a company.

62
00:04:27,390 --> 00:04:30,350
I mean, we can find all kinds of interesting stuff.

63
00:04:30,350 --> 00:04:39,090
For an example, just the other day I found a backup page of an entire Web site just by doing something

64
00:04:39,090 --> 00:04:43,810
like this: entire Web site, credentials, source code, everything.

65
00:04:44,100 --> 00:04:46,730
And just through a little bit of Google.

66
00:04:46,800 --> 00:04:53,690
So again, Google is your absolute best friend. Before you ask anybody a question, no matter how complex,

67
00:04:53,700 --> 00:04:56,550
I challenge you to Google it first.

68
00:04:56,550 --> 00:05:03,350
Make sure you have done your research and then ask somebody. You know, it's just good to get in the habit,

69
00:05:03,390 --> 00:05:06,550
and this is what is going to make or break you,

70
00:05:06,600 --> 00:05:11,180
I believe, in your career, so please, please do not ignore the Google machine.

71
00:05:11,190 --> 00:05:17,090
It is out there to help you and it will pay your salary over and over again.

72
00:05:17,190 --> 00:05:18,540
So that's it for this video.

73
00:05:18,540 --> 00:05:23,640
We've got one more video left in this series or this subset.

74
00:05:23,640 --> 00:05:27,990
We're going to talk about a little bit about social media and how we can target that.

75
00:05:27,990 --> 00:05:29,910
So I'll catch you over in the next video.