Google Dorking

Master advanced Google search operators for OSINT, security research, and finding exposed sensitive information.

What is Google Dorking?

Google Dorking (also known as Google Hacking) is the practice of using advanced search operators to find sensitive information that is publicly accessible but not intended to be found easily.

Legal Notice: Only use these techniques on systems you own or have explicit permission to test. Unauthorized access to systems is illegal.

  • Purpose: Security research, vulnerability assessment, OSINT gathering
  • Risk: Can expose passwords, admin panels, confidential documents
  • Prevention: Proper robots.txt, authentication, and access controls

Basic Search Operators

Operator | Description | Example | Result
site: | Search within a specific website | site:example.com password | Find pages containing "password" on example.com
intitle: | Search for words in page title | intitle:"index of" | Find directory listings
inurl: | Search for words in URL | inurl:admin | Find admin pages
intext: | Search for words in page content | intext:"username" "password" | Find pages with login credentials
filetype: | Search for specific file types | filetype:pdf confidential | Find PDF documents marked confidential
ext: | Search by file extension | ext:sql | Find SQL database files
cache: | View Google's cached version | cache:example.com | See cached version of website

Sensitive Documents

Find exposed documents:

  • filetype:xls inurl:"email.xls"
  • filetype:doc intext:"confidential"
  • filetype:pdf "salary" OR "compensation"
  • ext:txt inurl:passwords
  • filetype:log intext:"password"

Database Files

Locate database exports:

  • filetype:sql "INSERT INTO"
  • ext:sql intext:"CREATE TABLE"
  • filetype:sql intext:password
  • ext:bak inurl:backup
  • filetype:mdb inurl:database

Configuration Files

Find configuration files:

  • filetype:env "DB_PASSWORD"
  • filetype:ini "mysql_connect"
  • filetype:conf inurl:firewall
  • ext:config intext:"api_key"
  • filetype:yml database password

Login Pages

Discover admin panels:

  • intitle:"admin panel"
  • inurl:admin intitle:login
  • intitle:"please login" "admin"
  • inurl:wp-admin
  • inurl:/admin/login.php

Advanced Dorking Techniques

Combining Operators:

Use multiple operators for precise results:

  • site:example.com filetype:pdf intext:"internal use only"
  • site:*.edu intitle:"index of" intext:"parent directory"
  • inurl:"/phpinfo.php" intitle:"PHP Version"

Exclusion with minus operator:

  • site:example.com -inurl:www (exclude www subdomain)
  • filetype:pdf -site:example.com (PDFs not from example.com)

Wildcards and ranges:

  • site:*.example.com (all subdomains)
  • "error * 2020..2024" (date range search)

Google Dorking Tools

Automated Tools:
  • GoogleDorker: Python tool for automated dorking
  • Pagodo: Passive Google dork script
  • GooFuzz: Command line Google dorking tool
  • Metagoofil: Metadata extraction via Google
  • FOCA: Fingerprinting and data gathering

Dork Databases:
  • Google Hacking Database (GHDB): Exploit-DB's collection
  • DorkSearch.com: Pre-made dork queries
  • Dorks Eye: Google dorking tool with database
  • BugBountyDorks: Bug bounty focused queries

Protection Against Google Dorking

Technical Controls:
  • Implement a proper robots.txt file (it only asks well-behaved crawlers to skip paths; it is publicly readable and is not an access control)
  • Use authentication for sensitive areas
  • Configure proper file permissions
  • Disable directory listing (Options -Indexes on Apache)
  • Use .htaccess to block crawlers
  • Implement CAPTCHA on login pages
  • Run regular security audits and scans

Best Practices:
  • Never store passwords in plain text
  • Remove sensitive files from public directories
  • Use environment variables for configuration
  • Implement proper access controls
  • Regular Google dorking self-assessment
  • Monitor Google Search Console
  • Use Google's URL removal tool when needed

Pro Tip: Regularly search for your own domain using these techniques to identify potential exposures before attackers do.
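
A local self-assessment to go with the controls above, as an added example that is not from the original page: it walks a web root on your own disk and flags the file types and content markers used in this page's dork lists, plus directories that would render as an "index of" listing. The function names, the index file names and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Extensions and content markers taken from the dork lists on this page.
RISKY_SUFFIXES = (".sql", ".bak", ".mdb", ".env", ".ini", ".conf", ".config", ".yml", ".log")
SECRET_MARKERS = re.compile(rb"DB_PASSWORD|api_key|mysql_connect|INSERT INTO|CREATE TABLE|password", re.I)
INDEX_FILES = {"index.html", "index.htm", "index.php"}  # assumed DirectoryIndex names


def audit_webroot(root, max_bytes=1_000_000):
    """Return sorted (relative_path, reason) findings for a local web root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        # A directory holding files but no index page is served as an
        # "index of" listing if the server still has Indexes enabled.
        if filenames and not INDEX_FILES & {f.lower() for f in filenames}:
            findings.append((rel_dir, "no index file: listable if Indexes is on"))
        for name in filenames:
            rel = os.path.normpath(os.path.join(rel_dir, name))
            if name.lower().endswith(RISKY_SUFFIXES):
                findings.append((rel, "risky file type in public directory"))
            try:
                with open(os.path.join(dirpath, name), "rb") as fh:
                    match = SECRET_MARKERS.search(fh.read(max_bytes))
            except OSError:
                continue  # unreadable file: skip rather than abort the audit
            if match:
                findings.append((rel, "contains marker " + match.group().decode()))
    return sorted(findings)


def build_sample_webroot():
    """Create a constructed sample tree so the audit runs offline."""
    root = tempfile.mkdtemp(prefix="webroot_")
    os.makedirs(os.path.join(root, "backup"))
    samples = {
        "index.html": "<h1>Welcome</h1>",
        ".env": "DB_PASSWORD=constructed-placeholder\n",
        os.path.join("backup", "dump.sql"): "CREATE TABLE users (id INT);\n",
    }
    for rel, text in samples.items():
        with open(os.path.join(root, rel), "w") as fh:
            fh.write(text)
    return root


if __name__ == "__main__":
    for path, reason in audit_webroot(build_sample_webroot()):
        print(f"{path}: {reason}")
```

The bare "password" marker will also match ordinary login templates, so treat content hits as items to review rather than confirmed leaks.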