How I Found Internal Dashboards Using Google Dorks + OSINT

A cybersecurity researcher has explained how using simple Google techniques, also known as Google Dorking, can uncover a wealth of organisations’ internal information that is often unintentionally exposed online.
The trick lies in searching for known URL extensions used by organisations for specific tools, which can grant full admin access to these tools, offering a goldmine of intelligence for hackers and threat actors.
The URL extensions to look for include the likes of Jenkins, Grafana, Kibana, and Splunk, as these are commonly used by sysadmins to manage configurations.
It is advisable for companies to ensure that these links are not exposed online unless they want to grant external access to their systems, as doing so could pose a significant security risk.
Meanwhile, individuals can use these tips for ethical hacking and carrying out OSINT (Open Source Intelligence) practices to identify vulnerabilities and expose them before any potential malicious activity can take place.

Fast Feed