What is Google dorking?

Published on

Google dorking, also known as Google hacking, is the practice of using advanced search operators to find information that is not readily available on the internet. This is specific to Google search, hence the name, but other search engines may provide similar functionality.

By using specific keywords and operators, Google makes it possible for users to search for specific files, documents, and websites that may be hidden or not easily accessible. This technique can be used for a variety of purposes, including finding sensitive information, identifying security vulnerabilities, and uncovering hidden content on the internet.

Below are some examples of Google dorks:

  • Use site: to limit the search results to a specific domain, e.g. site:inkyvoxel.com
  • Use inurl: to search for specific text in the URL, e.g. inurl:admin
  • Use intitle: to search for a specific word or phrase in the title of a website, e.g. intitle:index of /
  • Use intext: to find pages that contain a specific word or phrase, e.g. intext:password
  • Use filetype: to find specific file extensions, e.g. filetype:pdf

You can also combine these operators together to make your search more specific. For example, you could use site:github.com intext:API_KEY to search GitHub for pages which have API_KEY in the body.

There are many resources that provide a list of operators that can be used for Google dorking. Some great resources include:

Closing thoughts

Google dorking can be a powerful tool, but it can also be used for nefarious purposes. Please use some caution while you're exploring the internet!

This post was tagged: