Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,240 --> 00:00:00,820 OK. 2 00:00:00,840 --> 00:00:07,980 Now on to what is going to be your absolute best friend in your entire life and in your career. 3 00:00:08,250 --> 00:00:11,280 Google Google everybody. 4 00:00:11,340 --> 00:00:17,120 I cannot stress how important it is to be good at googling and you know how to be amazing at it. 5 00:00:17,220 --> 00:00:23,840 But there are so many things that people approach me with that you can find on Google in a second. 6 00:00:23,900 --> 00:00:26,000 And if you've never seen the Let Me Google That For You. 7 00:00:26,010 --> 00:00:32,580 That's a that's a lot of my life when it comes to the questions I get asked in what makes a really good 8 00:00:32,580 --> 00:00:37,760 pen tester or really good anything especially in I.T. is the ability to Google. 9 00:00:37,800 --> 00:00:44,190 So being able to look this stuff up on your own and be able to find your own resources and find solutions 10 00:00:44,190 --> 00:00:50,700 to your problems are going to make you a way better pen Tester and just way better at your career with 11 00:00:50,700 --> 00:00:53,040 troubleshooting and everything else. 12 00:00:53,040 --> 00:00:57,720 So I'm done harping I just want to stress how important I think Google is. 13 00:00:57,720 --> 00:01:03,240 So I'm going to show you today what's called a little bit of google fu so I'm already out on the interweb 14 00:01:03,240 --> 00:01:04,860 so I'm out to Google. 15 00:01:04,860 --> 00:01:11,010 And here we've got Google up but I want to show you that I just search for Google Search syntax in the 16 00:01:11,010 --> 00:01:14,070 first one Google search operators came up. 17 00:01:14,280 --> 00:01:20,250 If you look at this page this is a really nice list of some things that you can run on Google and we'll 18 00:01:20,250 --> 00:01:21,330 help you out. 19 00:01:21,330 --> 00:01:26,820 I'm going to show you just a few things that we can use to search for and how we can start narrowing 20 00:01:26,820 --> 00:01:28,320 down some results. 21 00:01:28,350 --> 00:01:31,860 So if we go to Google and we just type in something like Tesla 22 00:01:34,540 --> 00:01:37,030 that's going to bring up Tesla here. 23 00:01:37,030 --> 00:01:37,300 OK. 24 00:01:37,300 --> 00:01:43,210 We found the main Tesla site but we're going to get news articles and we're gonna get all kinds of stuff. 25 00:01:43,240 --> 00:01:43,440 OK. 26 00:01:43,460 --> 00:01:45,820 We get the Twitter and maybe we want this. 27 00:01:45,880 --> 00:01:47,520 Maybe we do but maybe we don't. 28 00:01:47,560 --> 00:01:48,730 We don't want all this mess. 29 00:01:48,730 --> 00:01:56,350 Maybe we only want items from Tesla so he could just say something like site Tesla dot com which we've 30 00:01:56,350 --> 00:01:58,330 discovered here. 31 00:01:58,420 --> 00:02:04,400 And notice I'm not putting in the W WW Because that would limit us to that specific domain. 32 00:02:05,020 --> 00:02:12,700 So we have the WW WS in here but you could see that is starting to pull in something like shop and other 33 00:02:12,700 --> 00:02:13,380 items. 34 00:02:13,390 --> 00:02:13,810 Right. 35 00:02:13,810 --> 00:02:20,090 So we can search for tests that are calm and maybe maybe we don't want Tesla dot.com. 36 00:02:20,100 --> 00:02:27,960 W w w maybe we take out with the subtract here maybe we just take out w w w and we're going from six 37 00:02:27,960 --> 00:02:33,160 hundred and almost seven hundred thousand results to one hundred and thirty one thousand results and 38 00:02:33,160 --> 00:02:39,160 you can see now we're pulling in I r we're pulling in forms and we're pulling in shop we're getting 39 00:02:39,160 --> 00:02:42,480 all these different unique subdomains. 40 00:02:42,550 --> 00:02:47,760 So I've showed you some list here and I've showed you other ways to find subdomains including the harvester 41 00:02:47,980 --> 00:02:50,430 but you can find subdomains like this as well. 42 00:02:50,710 --> 00:02:57,520 And let's say you only want to find things like you know I IRR then we can come in and we can say IRR 43 00:02:57,550 --> 00:03:04,120 dot or maybe you don't want w w w and you don't want IRR you could take those both out and you start 44 00:03:04,120 --> 00:03:11,410 finding more like partners that tests shop again is coming up so you can start finding different subdomains 45 00:03:11,410 --> 00:03:11,850 this way. 46 00:03:12,880 --> 00:03:13,530 Pretty good. 47 00:03:14,080 --> 00:03:16,150 Couple other things that we could look for. 48 00:03:16,150 --> 00:03:23,980 What about file type we could say file type like this and we could search for something like I don't 49 00:03:23,980 --> 00:03:30,550 know Doc X music Doc x out there and there's one doc X case a survey. 50 00:03:30,550 --> 00:03:32,470 Probably not useful to us. 51 00:03:32,680 --> 00:03:37,450 Maybe we can search for PDX where the company's biggest Tesla is probably gonna be a lot to search through 52 00:03:37,480 --> 00:03:41,830 but there are thirty three hundred of these almost thirty four hundred of these. 53 00:03:41,830 --> 00:03:50,530 So they've got different items here that we can look through you know maybe Excel access Excel right. 54 00:03:50,530 --> 00:03:59,580 Actually that's X and you could see if there's any excel and CSP so what we're doing here what's the 55 00:03:59,580 --> 00:04:00,540 point in me doing this. 56 00:04:00,570 --> 00:04:06,810 Well the point of me doing this is me looking for potentially sensitive files out there or information 57 00:04:07,100 --> 00:04:10,400 you would be surprised a little bit of hunting on a domain. 58 00:04:10,410 --> 00:04:17,940 Now give granted here that Tesla is a big company big domain and it's gonna be hard to find some of 59 00:04:17,940 --> 00:04:18,660 this information. 60 00:04:18,660 --> 00:04:23,940 But you'd be very surprised with a little bit of prodding a little bit of google fu in narrowing down 61 00:04:24,270 --> 00:04:26,930 the type of results that you can get off of a company. 62 00:04:27,390 --> 00:04:30,350 I mean we can find all kinds of interesting stuff. 63 00:04:30,350 --> 00:04:39,090 For an example just the other day I found a backup page of an entire Web site just by doing something 64 00:04:39,090 --> 00:04:43,810 like this entire Web site credentials source code everything. 65 00:04:44,100 --> 00:04:46,730 And just through a little bit of Google. 66 00:04:46,800 --> 00:04:53,690 So again Google is your absolute best friend before you ask anybody a question no matter how complex 67 00:04:53,700 --> 00:04:56,550 I challenge you to google it first. 68 00:04:56,550 --> 00:05:03,350 Make sure you have done your research and then ask somebody you know it's just good to get in the habit 69 00:05:03,390 --> 00:05:06,550 in this is what is going to make or break you. 70 00:05:06,600 --> 00:05:11,180 I believe in your career so please please do not ignore the Google machine. 71 00:05:11,190 --> 00:05:17,090 It is out there to help you and it will pay your salary over and over again. 72 00:05:17,190 --> 00:05:18,540 So that's it for this video. 73 00:05:18,540 --> 00:05:23,640 We've got one more video left in this series or this subset. 74 00:05:23,640 --> 00:05:27,990 We're going to talk about a little bit about social media and how we can target that. 75 00:05:27,990 --> 00:05:29,910 So I'll catch you over in the next video. 7809