16 min read
Last updated: Aug 29, 2022
How to Use Google Dorks?
To use a Google Dork, you simply type in a Dork into the search box on Google and press “Enter”. Here are some of the best Google Dork queries that you can use to search for information on Google.
Google Dork Queries Examples:
- site:.edu “phone number”– This Dork searches for websites on .edu domains that contain the words “phone number”. student “phone number” – This Dork searches for websites on .edu domains that contain the words “student” and “phone number”.
- inurl:edu “login” – This Dork searches for websites on .edu domains that contain the words “login”. This Dork searches for school websites that contain student login information.
- “powered by vbulletin” site:.edu – This Dork searches for websites on .edu domains that contain the words “powered by vbulletin”. This Dork searches for school websites that are running on the vbulletin forum software.
- “powered by vbulletin” site:.gov – This Dork searches for websites on .gov domains that contain the words “powered by vbulletin”. This Dork searches for governmental websites that are running on the vbulletin forum software.
- “powered by vbulletin” site:.mil – This Dork searches for websites on .mil domains that contain the words “powered by vbulletin”. This Dork searches for military websites that are running on the vbulletin forum software.
- “powered by vbulletin” inurl:.edu – This Dork searches for websites on .edu domains that contain the words “powered by vbulletin”. This Dork searches for school websites that are running on the vbulletin forum software.
- “powered by vbulletin” inurl:.mil – This Dork searches for websites on .mil domains that contain the words “powered by vbulletin”. This Dork searches for military websites that are running on the vbulletin forum software.
- inurl:.com “powered by vbulletin” – This Dork searches for websites on .com domains that contain the words “powered by vbulletin”. This Dork searches for websites that are running on the vbulletin forum software.
- inurl:.edu “register forum” – This Dork searches for websites on .edu domains that contain the words “register forum”. This Dork searches for school websites that allow you to register for a forum.
- inurl:.gov “register forum” – This Dork searches for websites on .gov domains that contain the words “register forum”. This Dork searches for governmental websites that allow you to register for a forum.
Scraper API provides a proxy service designed for web scraping. With over 20 million residential IPs across 12 countries, as well as software that can handle JavaScript rendering and solving CAPTCHAs, you can quickly complete large scraping jobs without ever having to worry about being blocked by any servers.
cache:
- [cache:www.google.com web] will show the cachedcontent with the word “web” highlighted. This functionality is also accessible byclicking on the “Cached” link on Google’s main results page. The query [cache:] willshow the version of the web page that Google has in its cache. For instance,[cache:www.google.com] will show Google’s cache of the Google homepage.
link:
- [link:www.google.com] will list webpages that have links pointing to theGoogle homepage.
related:
See Also200+ Best High DA Directory Submission Sites in July 2022200+ Best High DA Directory Submission Sites in July 2022 (2023)Top 10 Splunk Competitors & AlternativesTop 5 Carding Forums- [related:www.google.com] will list web pages that are similar tothe Google homepage.
info:
- [info:www.google.com] will show information about the Googlehomepage.
define:
- The query [define:] will provide a definition of the words you enter after it,gathered from various online sources. The definition will be for the entire phraseentered (i.e., it will include all the words in the exact order you typed them). Eg: [define:google]
stocks:
- If you begin a query with the [stocks:] operator, Google will treat the restof the query terms as stock ticker symbols, and will link to a page showing stockinformation for those symbols. For instance, [stocks: intc yhoo] will show informationabout Intel and Yahoo. (Note you must type the ticker symbols, not the company name.)
site:
- If you include [site:] in your query, Google will restrict the results to thosewebsites in the given domain. For instance, [help site:www.google.com] will find pagesabout help within www.google.com. [help site:com] will find pages about help within.com urls. Note there can be no space between the “site:” and the domain.
allintitle:
- If you start a query with [allintitle:], Google will restrict the resultsto those with all of the query words in the title. For instance,[allintitle: google search] will return only documents that have both “google”and “search” in the title.
intitle:
- If you include [intitle:] in your query, Google will restrict the resultsto documents containing that word in the title. For instance, [intitle:google search]will return documents that mention the word “google” in their title, and mention theword “search” anywhere in the document (title or no). Putting [intitle:] in front of everyword in your query is equivalent to putting [allintitle:] at the front of yourquery: [intitle:google intitle:search] is the same as [allintitle: google search].
allinurl:
- If you start a query with [allinurl:], Google will restrict the results tothose with all of the query words in the url. For instance, [allinurl: google search]will return only documents that have both “google” and “search” in the url. Notethat [allinurl:] works on words, not url components. In particular, it ignorespunctuation. Thus, [allinurl: foo/bar] will restrict the results to page with thewords “foo” and “bar” in the url, but won’t require that they be separated by aslash within that url, that they be adjacent, or that they be in that particularword order. There is currently no way to enforce these constraints.
inurl:
- If you include [inurl:] in your query, Google will restrict the results todocuments containing that word in the url. For instance, [inurl:google search] willreturn documents that mention the word “google” in their url, and mention the word“search” anywhere in the document (url or no). Putting “inurl:” in front of every word in yourquery is equivalent to putting “allinurl:” at the front of your query:[inurl:google inurl:search] is the same as [allinurl: google search].
Google Dorks Updated Database:
Nina Simone intitle:”index.of” “parent directory” “size” “last modified” “description” I Put A Spell On You (mp4|mp3|avi|flac|aac|ape|ogg) -inurl:(jsp|php|html|aspx|htm|cf|shtml|lyrics-realm|mp3-collection) -site:.infoBill Gates intitle:”index.of” “parent directory” “size” “last modified” “description” Microsoft (pdf|txt|epub|doc|docx) -inurl:(jsp|php|html|aspx|htm|cf|shtml|ebooks|ebook) -site:.infoparent directory /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sumsparent directory DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sumsparent directory Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sumsparent directory Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sumsparent directory MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sumsparent directory Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sumsfiletype:config inurl:web.config inurl:ftp“Windows XP Professional” 94FBRext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:"budget approved") inurl:confidentialext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:”budget approved”) inurl:confidentialext:inc "pwd=" "UID="ext:ini intext:env.iniext:ini Version=... passwordext:ini Version=4.0.0.4 passwordext:ini eudora.iniext:ini intext:env.iniext:log "Software: Microsoft Internet Information Services _._"ext:log "Software: Microsoft Internet Informationext:log "Software: Microsoft Internet Information Services _._"ext:log \"Software: Microsoft Internet Information Services _._\"ext:mdb inurl:_.mdb inurl:fpdb shop.mdbext:mdb inurl:_.mdb inurl:fpdb shop.mdbext:mdb inurl:_.mdb inurl:fpdb shop.mdbfiletype:SWF SWFfiletype:TXT TXTfiletype:XLS XLSfiletype:asp DBQ=" _ Server.MapPath("_.mdb")filetype:asp "Custom Error Message" Category Sourcefiletype:asp + "[ODBC SQL"filetype:asp DBQ=" _ Server.MapPath("_.mdb")filetype:asp DBQ=\" _ Server.MapPath(\"_.mdb\")filetype:asp “Custom Error Message” Category Sourcefiletype:bak createobject safiletype:bak inurl:"htaccess|passwd|shadow|htusers"filetype:bak inurl:\"htaccess|passwd|shadow|htusers\"filetype:conf inurl:firewall -intitle:cvsfiletype:conf inurl:proftpd. PROFTP FTP server configuration file revealsfiletype:dat "password.datfiletype:dat \"password.dat\"filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"filetype:eml eml +intext:\"Subject\" +intext:\"From\" +intext:\"To\"filetype:eml eml +intext:”Subject” +intext:”From” +intext:”To”filetype:inc dbconnfiletype:inc intext:mysql*connectfiletype:inc mysql_connect OR mysql_pconnectfiletype:log inurl:"password.log"filetype:log username putty PUTTY SSH client logs can reveal usernamesfiletype:log “PHP Parse error” | “PHP Warning” | “PHP Error”filetype:mdb inurl:users.mdbfiletype:ora orafiletype:ora tnsnamesfiletype:pass pass intext:useridfiletype:pdf "Assessment Report" nessusfiletype:pem intext:privatefiletype:properties inurl:db intext:passwordfiletype:pst inurl:"outlook.pst"filetype:pst pst -from -to -datefiletype:reg reg +intext:"defaultusername" +intext:"defaultpassword"filetype:reg reg +intext:\"defaultusername\" +intext:\"defaultpassword\"filetype:reg reg +intext:â? WINVNC3â?filetype:reg reg +intext:”defaultusername” +intext:”defaultpassword”filetype:reg reg HKEY* Windows Registry exports can revealfiletype:reg reg HKEY_CURRENT_USER SSHHOSTKEYSfiletype:sql "insert into" (pass|passwd|password)filetype:sql ("values _ MD5" | "values _ password" | "values _ encrypt")filetype:sql (\"passwd values\" | \"password values\" | \"pass values\" )filetype:sql (\"values _ MD\" | \"values _ password\" | \"values _ encrypt\")filetype:sql +"IDENTIFIED BY" -cvsfiletype:sql passwordfiletype:sql passwordfiletype:sql “insert into” (pass|passwd|password)filetype:url +inurl:"ftp://" +inurl:";@"filetype:url +inurl:\"ftp://\" +inurl:\";@\"filetype:url +inurl:”ftp://” +inurl:”;@”filetype:xls inurl:"email.xls"filetype:xls username password emailindex of: intext:Gallery in Configuration modeindex.of passlistindex.of perform.ini mIRC IRC ini file can list IRC usernames andindex.of.dcimindex.of.passwordintext:" -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"intext:"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwdintext:"#mysql dump" filetype:sqlintext:"#mysql dump" filetype:sql 21232f297a57a5a743894a0e4a801fc3intext:"A syntax error has occurred" filetype:ihtmlintext:"ASP.NET_SessionId" "data source="intext:"About Mac OS Personal Web Sharing"intext:"An illegal character has been found in the statement" -"previous message"intext:"AutoCreate=TRUE password=_"intext:"Can't connect to local" intitle:warningintext:"Certificate Practice Statement" filetype:PDF | DOCintext:"Certificate Practice Statement" inurl:(PDF | DOC)intext:"Copyright (c) Tektronix, Inc." "printer status"intext:"Copyright © Tektronix, Inc." "printer status"intext:"Emergisoft web applications are a part of our"intext:"Error Diagnostic Information" intitle:"Error Occurred While"intext:"Error Message : Error loading required libraries."intext:"Establishing a secure Integrated Lights Out session with" OR intitle:"Data Frame - Browser not HTTP 1.1 compatible" OR intitle:"HP Integrated Lights-intext:"Fatal error: Call to undefined function" -reply -the -nextintext:"Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed." -eduintext:"Generated by phpSystem"intext:"Generated by phpSystem"intext:"Host Vulnerability Summary Report"intext:"HostingAccelerator" intitle:"login" +"Username" -"news" -demointext:"IMail Server Web Messaging" intitle:loginintext:"Incorrect syntax near"intext:"Index of" /"chat/logs"intext:"Index of /network" "last modified"intext:"Index of /" +.htaccessintext:"Index of /" +passwdintext:"Index of /" +password.txtintext:"Index of /admin"intext:"Index of /backup"intext:"Index of /mail"intext:"Index of /password"intext:"Microsoft (R) Windows _ (TM) Version _ DrWtsn32 Copyright (C)" ext:logintext:"Microsoft CRM : Unsupported Browser Version"intext:"Microsoft ® Windows _ ™ Version _ DrWtsn32 Copyright ©" ext:logintext:"Network Host Assessment Report" "Internet Scanner"intext:"Network Vulnerability Assessment Report"intext:"Network Vulnerability Assessment Report"intext:"Network Vulnerability Assessment Report" 本文来自 pc007.comintext:"SQL Server Driver][SQL Server]Line 1: Incorrect syntax near"intext:"Thank you for your order" +receiptintext:"Thank you for your order" +receiptintext:"Thank you for your purchase" +downloadintext:"The following report contains confidential information" vulnerability -searchintext:"phpMyAdmin MySQL-Dump" "INSERT INTO" -"the"intext:"phpMyAdmin MySQL-Dump" filetype:txtintext:"phpMyAdmin" "running on" inurl:"main.php"intextpassword | passcode) intextusername | userid | user) filetype:csvintextpassword | passcode) intextusername | userid | user) filetype:csvintitle:"index of" +myd sizeintitle:"index of" etc/shadowintitle:"index of" htpasswdintitle:"index of" intext:connect.incintitle:"index of" intext:globals.incintitle:"index of" master.passwdintitle:"index of" master.passwd 007 电脑资讯intitle:"index of" members OR accountsintitle:"index of" mysql.conf OR mysql_configintitle:"index of" passwdintitle:"index of" people.lstintitle:"index of" pwd.dbintitle:"index of" spwdintitle:"index of" user_carts OR user_cartintitle:"index.of \*" admin news.asp configview.aspintitle:("TrackerCam Live Video")|("TrackerCam Application Login")|("Trackercam Remote") -trackercam.comintitle:(“TrackerCam Live Video”)|(“TrackerCam Application Login”)|(“Trackercam Remote”) -trackercam.cominurl:admin inurl:userlist Generic userlist files"'dsn: mysql:host=localhost;dbname=" ext:yml | ext:txt "password:""* Authentication Unique Keys and Salts" ext:txt | ext:log"-- Dumped from database version" + "-- Dumped by pg_dump version" ext:txt | ext:sql | ext:env | ext:log"-- Dumping data for table `admin`" | "-- INSERT INTO `admin`" "VALUES" ext:sql | ext:txt | ext:log | ext:env"-- Server version" "-- MySQL Administrator dump 1.4" ext:sql"DefaultPassword" ext:reg "[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]""Powered by vBulletin(R) Version 5.6.3""System" + "Toner" + "Input Tray" + "Output Tray" inurl:cgi"The SQL command completed successfully." ext:txt | ext:log"change the Administrator Password." intitle:"HP LaserJet" -pdf"define('DB_USER'," + "define('DB_PASSWORD'," ext:txt"define('SECURE_AUTH_KEY'" + "define('LOGGED_IN_KEY'" + "define('NONCE_KEY'" ext:txt | ext:cfg | ext:env | ext:ini"index of" "/home/000~ROOT~000/etc""index of" inurl:database ext:sql | xls | xml | json | csv"keystorePass=" ext:xml | ext:txt -git -gitlab"mailer_password:" + "mailer_host:" + "mailer_user:" + "secret:" ext:yml"putty.log" ext:log | ext:cfg | ext:txt | ext:sql | ext:env"secret_key_base:" ext:exs | ext:txt | ext:env | ext:cfg/etc/certs + "index of /" * intext:"login" intitle:"server login"site:user.*.* intitle:"login"ssh_host_dsa_key.pub + ssh_host_key + ssh_config = "index of / "Using special search string for Web Server Detection:
inurl:?XDEBUG_SESSION_START=phpstorminurl:/config/device/wcdinurl:\"/phpmyadmin/user_password.phpintext:\"SonarQube\" + \"by SonarSource SA.\" + \"LGPL v3\"inurl:/xprober ext:phpintext:\"Healthy\" + \"Product model\" + \" Client IP\" + \"Ethernet\"inurl:/phpPgAdmin/browser.phpext:php | intitle:phpinfo \"published by the PHP Group\"allintext:\"Index Of\" \"sftp-config.json\"inurl:_vti_bin/Authentication.asmx\"Powered by 123LogAnalyzer\"intitle:Snoop Servletallintitle:\"Pi-hole Admin Console\"intitle:\"Lists Web Service\"intitle:\"Monsta ftp\" intext:\"Lock session to IP\"intitle:\"Microsoft Internet Information Services 8\" -IISintext:\"index of /\" \"Index of\" access_loginurl:\"id=*\" & intext:\"warning mysql_fetch_array()\"\"index of /private\" -site:net -site:com -site:orginurl:\":8088/cluster/apps\"intitle:\"index of\" \"docker.yml\"intitle:\"index of\" \"debug.log\" OR \"debug-log\"intext:\"This is the default welcome page used to test the correct operation of the Apache\"Powered by phpBB\" inurl:\"index.php?s\" OR inurl:\"index.php?style\"intitle:\"index of\" \"powered by apache \" \"port 80\"intitle:\"Web Server's Default Page\" intext:\"hosting using Plesk\" -wwwsite:ftp.*.com \"Web File Manager\"intitle:\"Welcome to JBoss\"intitle:\"Welcome to nginx!\" intext:\"Welcome to nginx on Debian!\" intext:\"Thank you for\"intitle:\"index of\" \"Served by Sun-ONE\"-pub -pool intitle:\"index of\" \"Served by\" \"Web Server\"intitle:\"index of\" \"server at\"Using special search string to find vulnerable websites:
inurl:php?=id1inurl:index.php?id=inurl:trainers.php?id=inurl:buy.php?category=inurl:article.php?ID=inurl:play_old.php?id=inurl:declaration_more.php?decl_id=inurl:pageid=inurl:games.php?id=inurl:page.php?file=inurl:newsDetail.php?id=inurl:gallery.php?id=inurl:article.php?id=inurl:show.php?id=inurl:staff_id=inurl:newsitem.php?num= andinurl:index.php?id=inurl:trainers.php?id=inurl:buy.php?category=inurl:article.php?ID=inurl:play_old.php?id=inurl:declaration_more.php?decl_id=inurl:pageid=inurl:games.php?id=inurl:page.php?file=inurl:newsDetail.php?id=inurl:gallery.php?id=inurl:article.php?id=inurl:show.php?id=inurl:staff_id=inurl:newsitem.php?num=inurl: 1051/viewer/live/index.html?lang=eninurl: inurl:"view.shtml" ext:shtmlinurl:"/?q=user/password/"inurl:"/cgi-bin/guestimage.html" "Menu"inurl:"/php/info.php" "PHP Version"inurl:"/phpmyadmin/user_password.phpinurl:"servicedesk/customer/user/login"inurl:"view.shtml" "Network"inurl:"view.shtml" "camera"inurl:"woocommerce-exporter"inurl:/?op=registerinurl:/Jview.htm + "View Video - Java Mode"inurl:/Jview.htm + intext:"Zoom :"inurl:/adfs/ls/?SAMLRequestinurl:/adfs/ls/idpinitiatedsignoninurl:/adfs/oauth2/authorizeinurl:/cgi-bin/manlist?sectioninurl:/eftclient/account/login.htminurl:/homej.html?inurl:/index.html?size=2&mode=4inurl:/pro_users/logininurl:/wp-content/themes/altair/inurl:/xprober ext:phpinurl:RichWidgets/Popup_Upload.aspxinurl:Sitefinity/Authenticate/SWTinurl:adfs inurl:wctx inurl:wtrealm -microsoft.cominurl:authorization.pinginurl:https://trello.com AND intext:@gmail.com AND intext:passwordinurl:idp/Authn/UserPasswordinurl:idp/prp.wsfinurl:login.seaminurl:nidp/idff/ssoinurl:oidc/authorizeinurl:opac_cssinurl:weblogin intitle:("USG20-VPN"|"USG20W-VPN"|USG40|USG40W|USG60|A Google Dork is a search query that looks for specific information on Google’s search engine. Google Dorks are developed and published by hackers and are often used in “Google Hacking”.
Google Dorks are extremely powerful. They allow you to search for a wide variety of information on the internet and can be used to find information that you didn’t even know existed.
Because of the power of Google Dorks, they are often used by hackers to find information about their victims or to find information that can be used to exploit vulnerabilities in websites and web applications.
Google Search Engine is designed to crawl anything over the internet and this helps us to find images, text, videos, news and plethora of information sources. With it’s tremendous capability to crawl, it indexes data along the way, which also includes sensitive information like email addresses, login credentials, sensitive files, website vulnerabilities, and even financial information. In many cases, We as a user won’t be even aware of it.
Google Dork is a search query that we give to Google to look for more granular information and retrieve relevant information quickly. For example, try to search for your name and verify results with a search query [inurl:your-name]. Analyse the difference. You just have told google to go for a deeper search and it did that beautifully.
Google search service is never intended to gain unauthorised access of data but nothing can be done if we ourselves kept data in the open and do not follow proper security mechanisms.
Essentially emails, username, passwords, financial data and etc. shouldn’t be available in public until and unless it’s meant to be. Example, our details with the bank are never expected to be available in a google search. But our social media details are available in public because we ourselves allowed it.
Ending Note
Google Search is very useful as well as equally harmful at the same time. Because it indexes everything available over the web.
You need to follow proper security mechanisms and prevent systems to expose sensitive data. Follow OWASP, it provides standard awareness document for developers and web application security.
Scraper API provides a proxy service designed for web scraping. With over 20 million residential IPs across 12 countries, as well as software that can handle JavaScript rendering and solving CAPTCHAs, you can quickly complete large scraping jobs without ever having to worry about being blocked by any servers.
Note: By no means Box Piper supports hacking. This article is written to provide relevant information only. Always adhering to Data Privacy and Security.
