Google dorking, also known as Google hacking, is the practice of using advanced search operators to find information that is not readily available on the internet. This is specific to Google search, hence the name, but other search engines may provide similar functionality.
By using specific keywords and operators, Google makes it possible for users to search for specific files, documents, and websites that may be hidden or not easily accessible. This technique can be used for a variety of purposes, including finding sensitive information, identifying security vulnerabilities, and uncovering hidden content on the internet.
Below are some examples of Google dorks:
site:to limit the search results to a specific domain, e.g.
inurl:to search for specific text in the URL, e.g.
intitle:to search for a specific word or phrase in the title of a website, e.g.
intitle:index of /
intext:to find pages that contain a specific word or phrase, e.g.
filetype:to find specific file extensions, e.g.
You can also combine these operators together to make your search more specific. For example, you could use
site:github.com intext:API_KEY to search GitHub for pages which have
API_KEY in the body.
There are many resources that provide a list of operators that can be used for Google dorking. Some great resources include:
- A list of Google search operators on the Google website: https://support.google.com/websearch/answer/2466433?hl=en
- The Google Hacking Database (GHDB), which has examples of advanced Google dorks, maintained by Offensive Security: https://www.exploit-db.com/google-hacking-database
Google dorking can be a powerful tool, but it can also be used for nefarious purposes. Please use some caution while you're exploring the internet!