Google Dorks, or Google hacking, is a technique to find information that is not readily available through normal search queries. It involves using advanced search operators to filter results more effectively. Here’s a list of commonly used Google Dorks along with their explanations:
- `site:`
  - Usage: `site:example.com`
  - Explanation: Limits search results to a specific website.
  - Example: `site:example.com` will return all indexed pages from example.com.
- `inurl:`
  - Usage: `inurl:admin`
  - Explanation: Finds URLs that contain the specified word or phrase.
  - Example: `inurl:login` will show pages with “login” in the URL.
- `intitle:`
  - Usage: `intitle:index of`
  - Explanation: Searches for pages with a specific word or phrase in the title.
  - Example: `intitle:admin` will return pages with “admin” in the title.
- `filetype:`
  - Usage: `filetype:pdf`
  - Explanation: Searches for files of a specific type.
  - Example: `filetype:pdf` will return PDF files.
- `intext:`
  - Usage: `intext:password`
  - Explanation: Searches for pages that contain a specific word or phrase in the text.
  - Example: `intext:confidential` will show pages containing the word “confidential”.
- `link:`
  - Usage: `link:example.com`
  - Explanation: Finds pages that link to a specific URL.
  - Example: `link:example.com` will show pages that link to example.com.
- `cache:`
  - Usage: `cache:example.com`
  - Explanation: Displays the cached version of a webpage.
  - Example: `cache:example.com` shows the cached version of example.com.
- `related:`
  - Usage: `related:example.com`
  - Explanation: Finds websites similar to the specified URL.
  - Example: `related:example.com` will show websites related to example.com.
- `allinurl:`
  - Usage: `allinurl:login password`
  - Explanation: Searches for pages with all specified words in the URL.
  - Example: `allinurl:login admin` will return URLs containing both “login” and “admin”.
- `allintitle:`
  - Usage: `allintitle:admin login`
  - Explanation: Finds pages with all specified words in the title.
  - Example: `allintitle:admin login` will show pages with both “admin” and “login” in the title.
- `allintext:`
  - Usage: `allintext:username password`
  - Explanation: Searches for pages with all specified words in the text.
  - Example: `allintext:username password` will return pages containing both “username” and “password”.
- `"search term"`
  - Usage: `"sensitive information"`
  - Explanation: Finds exact phrases.
  - Example: `"company secrets"` will return pages containing the exact phrase “company secrets”.
- `OR`
  - Usage: `login OR admin`
  - Explanation: Finds pages containing either one word or another.
  - Example: `login OR admin` will show pages containing either “login” or “admin”.
- `AND`
  - Usage: `login AND admin`
  - Explanation: Finds pages containing both words.
  - Example: `login AND admin` will return pages containing both “login” and “admin”.
- `-`
  - Usage: `-example`
  - Explanation: Excludes pages containing the specified word.
  - Example: `-login` will exclude pages with the word “login”.
- `+`
  - Usage: `+example`
  - Explanation: Forces the inclusion of a specific word in search results.
  - Example: `+login` will force the inclusion of “login” in search results.
Here are a few practical examples of Google Dorks for reconnaissance:
- Finding exposed directories:
  - `intitle:"index of /"`
- Searching for login pages:
  - `inurl:login`
  - `intitle:login`
- Finding public documents:
  - `filetype:pdf site:example.com`
  - `filetype:xls site:example.com`
- Discovering vulnerabilities:
  - `inurl:/phpinfo.php`
  - `intitle:"phpmyadmin" "Welcome to phpMyAdmin"`
- Sensitive data exposure:
  - `intext:"confidential" filetype:pdf`
  - `intext:"password" filetype:xls`
These Google Dorks can help you gather information about a website, its structure, and potentially exposed sensitive data. However, it’s important to use these tools ethically and responsibly, adhering to legal and ethical guidelines.
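
When these queries are used to review your own exposure, each one should be pinned to a domain you are authorised to assess. The following is an added example, not part of the original page: a small parser for the operators listed above plus a scope guard that appends `site:` or rejects a query naming another site. The names `parse_dork`, `scope_to` and `CHECKS` are assumptions made for illustration.

```python
import re

# Operators listed on this page; the all* forms also claim the bare words after them.
OPERATORS = {"site", "inurl", "intitle", "filetype", "intext", "link", "cache",
             "related", "allinurl", "allintitle", "allintext"}
TOKEN = re.compile(r'(?P<sign>[-+])?(?:(?P<op>[A-Za-z]+):)?(?P<val>"[^"]*"|\S+)')


def parse_dork(query):
    """Split a query into (sign, kind, value) triples."""
    parsed, sticky = [], None
    for m in TOKEN.finditer(query):
        sign, op, val = m.group("sign") or "", m.group("op"), m.group("val")
        if op and op.lower() not in OPERATORS:
            op, val = None, m.group(0)[len(sign):]  # e.g. "http://x" is a plain term
        quoted = len(val) > 1 and val[0] == val[-1] == '"'
        if op:
            kind = op.lower()
            sticky = kind if kind.startswith("all") else None
        elif val in ("OR", "AND"):
            kind = "bool"
        elif quoted:
            kind = "phrase"
        else:
            kind = sticky or "term"
        parsed.append((sign, kind, val[1:-1] if quoted else val))
    return parsed


def scope_to(query, allowed):
    """Pin a query to `allowed`; refuse one that names a different site."""
    sites = {v.lower() for sign, kind, v in parse_dork(query)
             if kind == "site" and sign != "-"}
    outside = sorted(s for s in sites
                     if s != allowed and not s.endswith("." + allowed))
    if outside:
        raise ValueError(f"out of scope: {outside}")
    return query if sites else f"{query} site:{allowed}"


# Constructed checklist: practical examples taken from this page.
CHECKS = ['intitle:"index of /"', "inurl:/phpinfo.php",
          'intext:"password" filetype:xls', "filetype:pdf site:example.com"]

if __name__ == "__main__":
    for q in CHECKS:
        print(scope_to(q, "example.com"))
```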