Google Dorks

Google Hacking, or Google Dorks, uses advanced search operators (dorks) to find juicy information about target websites, for example specific versions of vulnerable web applications. A search query with intitle:admbook intitle:Fversion filetype:php would locate all web pages that contain that particular text. It is normal for default installations of applications to include their running version in every page they serve, for example, “Powered by XOOPS 2.2.3 Final”.

Some special Google search operators and how they function:

1. intitle:

This asks Google to show pages that have the term in their HTML title.

2. inurl:

Searches for the specified term in the URL. Example: inurl:register.php

3. filetype:

Searches for a certain file type. Example: filetype:pdf will search for all the PDF files in the websites.

4. ext:

It works similarly to filetype. Example: ext:pdf finds files with the pdf extension.

5. intext:

This searches the content of the page. It works somewhat like a plain Google search.

6. site:

This limits the search to a specific site only. Example: site:abc@d.com will limit the search to abc@d.com only.

7. cache:

This will show you the cached version of any website. Example: cache:aa.com

8. *

This works like a wildcard. Example: How to * sites will show you all the results like “how to design sites”, “how to create sites”, “how to hack sites”, etc.

Basic Formula of Dork
"inurl:."domain"/"dorks" "

Here,
“inurl” = input URL
“domain” = your desired domain, e.g. .gov
“dorks” = the dork of your choice

Examples:

A simple example of a dork that does rely on an operator might be:

site:tacticaltech.org filetype:pdf

This Google dork will search https://tacticaltech.org for all PDF files hosted under that domain name.

Another example might look something like this:

inurl:exposing inbody:invisible

If the search term contains multiple words, they should be surrounded by quotation marks:

intext:exposing intitle:"the invisible"

Dorks can also be paired with a general search term. For example:

exposing feed:rss

or

exposing site:tacticaltech.org filetype:pdf

Here, “exposing” is the general search term, and the operators “site” and “filetype” narrow down the results returned.
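
To check which of your own pages a given dork would surface, the operator semantics described above can be applied to a local inventory of pages. This is an added example, not code from the original page: the function names, the inventory format and the example.org sample data are constructed for illustration, and matching is plain substring matching rather than Google's actual behaviour.

```python
import re
from urllib.parse import urlparse

# Operators from the list above; ext: behaves like filetype:.
OPERATORS = {"intitle", "inurl", "intext", "site", "filetype", "ext"}
TOKEN = re.compile(r'(?:(\w+):)?(?:"([^"]*)"|(\S+))')

# Constructed sample inventory, e.g. built from a crawl of your own site.
PAGES = [
    {"url": "https://example.org/docs/report.pdf", "title": "Annual report",
     "text": "exposing budget figures"},
    {"url": "https://example.org/register.php", "title": "Register",
     "text": "Powered by XOOPS 2.2.3 Final"},
    {"url": "https://blog.example.org/about", "title": "About the invisible team",
     "text": "contact us"},
    {"url": "https://other.example.net/file.pdf", "title": "Other", "text": "exposing"},
]

def parse_dork(query):
    """Split a dork into (operator, value) pairs and general search terms."""
    query = query.replace("\u201c", '"').replace("\u201d", '"')  # curly -> straight quotes
    ops, terms = [], []
    for op, quoted, bare in TOKEN.findall(query):
        value = (quoted or bare).lower()
        if op.lower() in OPERATORS:
            ops.append((op.lower(), value))
        else:  # unknown operators are treated as plain text
            terms.append(f"{op}:{value}" if op else value)
    return ops, terms

def matches(page, ops, terms):
    """Apply each operator to the page field it restricts."""
    parsed = urlparse(page["url"].lower())
    host, path = parsed.hostname or "", parsed.path
    title, text = page["title"].lower(), page["text"].lower()
    checks = {
        "intitle": lambda v: v in title,
        "inurl": lambda v: v in page["url"].lower(),
        "intext": lambda v: v in text,
        "site": lambda v: host == v or host.endswith("." + v),
        "filetype": lambda v: path.endswith("." + v),
        "ext": lambda v: path.endswith("." + v),
    }
    return (all(checks[op](v) for op, v in ops)
            and all(t in f"{title} {text}" for t in terms))

def exposed(pages, query):
    ops, terms = parse_dork(query)
    return [p["url"] for p in pages if matches(p, ops, terms)]
```

Calling exposed(PAGES, "site:example.org filetype:pdf") returns only the PDF under example.org, which makes it easy to review what should be moved, access-controlled or excluded from indexing.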

A complete list of Google dork syntaxes is available at:
exploit-db Google Hacking Database.
Web GUI for Google dorks:
https://pentest-tools.com/information-gathering/google-hacking