Google Dorking

Google hacking, also named Google dorking, is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites are using. Google dorking could also be used for OSINT (Open Source Intelligence). This can be used to find information that was made public on accident. You can find more information about your targets this way. This can be very entertaining: finding public cameras, password lists, peoples files and passwords, gov documents, admin panels, and much more.

Basics of Google Dorking

"search string" - web pages that contain the exact same string

string | string - between queries will return results for each string

site: wikipedia.org - search for certain words on a website

-site: wikipedia.org - do not show results for a website

inurl:"view.shtml" "Network Camera" - find network cameras

?intitle:index.of? mp3 artist_name - find mp3 files of songs

intitle:"index of" inurl:ftp - find exposed FTP servers

filetype:txt inurl:"email.txt" - email lists (Government emails can be found)

filetype:ppt gulf war - find supported files

allintext:username filetype:log - find usernames and password logfiles

intitle:"Index of..etc" passwd - Linux machines with directory exposed

index of any-show-name - Find shows and movies for free

ethical hacking site:drive.google.com - Find free courses

index of software-name - Find free software

ext:log “Software: Microsoft Internet Information Services *.*” - Microsoft ISS server logs (online activity)

® AT Products LLC

The Script Community is the author and AT Products LLC is publisher of this article/story.