Google Dorks , also known as Google Dorking or Google Hacking, is a valuable resource for security researchers. For the average person, Google is just a search engine used to find text, images, videos, and news online. However, in the infosec world, Google is a useful OSINT security tool.
Search filters
| Filter | Description | Example |
| :————– |:—————————————————| :————————————|
| allintext | Searches for occurrences of all the keywords given. | allintext:"keyword" |
| intext | Searches for the occurrences of keywords all at once or one at a time. | intext:"keyword" |
| inurl | Searches for a URL matching one of the keywords. | inurl:"keyword" |
| allinurl | Searches for a URL matching all the keywords in the query. | allinurl:"keyword" |
| intitle | Searches for occurrences of keywords in title all or one. | intitle:"keyword" |
| allintitle | Searches for occurrences of keywords all at a time. | allintitle:"keyword" |
| site | Specifically searches that particular site and lists all the results for that site. | site:"www.google.com" |
| filetype | Searches for a particular filetype mentioned in the query. | filetype:"pdf" |
| link | Searches for external links to pages. | link:"keyword" |
| numrange | Used to locate specific numbers in your searches. | numrange:321-325 |
| before/after | Used to search within a particular date range. | filetype:pdf & (before:2000-01-01 after:2001-01-01) |
| allinanchor (and also inanchor) | This shows sites which have the keyterms in links pointing to them, in order of the most links. | inanchor:rat |
| allinpostauthor (and also inpostauthor) | Exclusive to blog search, this one picks out blog posts that are written by specific individuals. | allinpostauthor:"keyword" |
| related | List web pages that are “similar” to a specified web page. | related:www.google.com |
| cache | Shows the version of the web page that Google has in its cache. | cache:www.google.com |
Examples
intext:"index of /"
Nina Simone intitle:”index.of” “parent directory” “size” “last modified” “description” I Put A Spell On You (mp4|mp3|avi|flac|aac|ape|ogg) -inurl:(jsp|php|html|aspx|htm|cf|shtml|lyrics-realm|mp3-collection) -site:.info
Bill Gates intitle:”index.of” “parent directory” “size” “last modified” “description” Microsoft (pdf|txt|epub|doc|docx) -inurl:(jsp|php|html|aspx|htm|cf|shtml|ebooks|ebook) -site:.info
parent directory DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
parent directory MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
parent directory Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
filetype:config inurl:web.config inurl:ftp
“Windows XP Professional” 94FBR
ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:”budget approved”) inurl:confidential
Operators
Search Term
This operator searches for the exact phrase within speech marks only. This is ideal when the phrase you are using to search is ambiguous and could be easily confused with something else, or when you’re not quite getting relevant enough results back. For example:
"Tinned Sandwiches"
OR
This self explanatory operator searches for a given search term OR an equivalent term.
site:facebook.com | site:twitter.com
AND
site:facebook.com & site:twitter.com
Operators combination
(site:facebook.com | site:twitter.com) & intext:"login"
(site:facebook.com | site:twitter.com) (intext:"login")
Include results
This will order results by the number of occurrence of the keyword.
-site:facebook.com +site:facebook.*
Exclude results
site:facebook.* -site:facebook.com
Synonyms
Adding a tilde to a search word tells Google that you want it to bring back synonyms for the term as well. For example, entering “~set” will bring back results that include words like “configure”, “collection” and “change” which are all synonyms of “set”. Fun fact: “set” has the most definitions of any word in the dictionary.
~set
Glob pattern (*)
Putting an asterisk in a search tells Google ‘I don’t know what goes here’. Basically, it’s really good for finding half remembered song lyrics or names of things.
site:*.com
Source: https://github.com/Divinemonk/google_dork_cheatsheet