Google Dorking

Google Dork Collections

• https://github.com/BullsEye0/google_dork_list

• https://github.com/rootac355/SQL-injection-dorks-list

• https://github.com/unexpectedBy/SQLi-Dork-Repository

• https://github.com/thomasdesr/Google-dorks

• https://github.com/arimogi/Google-Dorks

• https://github.com/aleedhillon/7000-Google-Dork-List

• Bug Bounty Dorks

  • https://github.com/sushiwushi/bug-bounty-dorks

  • https://github.com/hackingbharat/bug-bounty-dorks-archive/blob/main/bbdorks

  • https://github.com/Vinod-1122/bug-bounty-dorks/blob/main/Dorks.txt

• Backlinks

  • https://github.com/alfazzafashion/Backlink-dorks

  • https://www.techywebtech.com/2021/08/backlink-dorks.html

  • https://www.blackhatworld.com/seo/get-backlinks-yourself-1150-dorks-for-forum-hunting.380843/

  • CMS Dorks

    • Wordpress https://pastebin.com/A9dsmgHQ

    • Magento https://pastebin.com/k75Y2QhF

    • Joomla https://pastebin.com/vVQFTzVC

Google Dorking Cheatsheet

• @[Search term] Searches a keyword on social media

• “Search term” Searches an exact match

• “Search * term” Searches the * for any wildcard

• (+) (-) (“) (.) (*) (|) (“String” | String) Force inclusion of something common Exclude a search term Use quotes around a search phrase A single-character wildcard Any word boolean ‘OR‘ Parenthesis group queries 06 cache:[url] Searches for cached versions of a site or page

• numrange[#]..[#]

• daterange:startdate-enddate Must be expressed in *Julian time (and only in integers)

  • The number of days that have passed since January 1, 4713 B.C. unlike Gregorian days (those on the calendar)

• link: [url] Shows links to the URL and helps determine site relation- ships and more importantly trust relationships; this gets treated like normal search text (not a modifier) when com- bined with other search terms though.

• related: [url] Searches related to your search term

• intitle: string to search Show only those pages that have the term in their html title

• allintitle:[string] Similar to intitle, but looks for all the specified terms in the title

• inurl: [string] Searches for the specified term in the url; for example inurl:”login.php”. (Can also do :port)

• allinurl:[url] Same as inurl, but searches for all terms in the url

• intext:“String to search” Searches the content of the page and similar to a plain Google search; for example intext:”index of /”.

• allintext: “String to search” Similar to intext, but searches for all terms to be present in the text 07 filetype: [xls] Searches for specific file types; filetype:pdf will looks for pdf files in websites.

• phonebook:[name]

• [URL]&strip=1 Added to the end of a cached URL only shows Google’s text, not the target’s; perform a Google search, right-click copy/ paste the link and then paste the URL adding &strip=1

• site.com/search?q=inurl:admin.PhP&start=10 Changing your query to vary the extension case and modifying the query can help defeat some of Google’s blockers which work to defeat your search query

• site.com/search?q=@email.com Searching for email addresses

• site:site.com -site:obivousresult.com Eliminates obvious results, reducing most public, top ‘ranked’ unwanted results and bringing more useful results to the top of the search; you are looking for the relation- ship of links in both inbound and outbound directions

• inurl: Port scanning, can be combined with the site operator

• inurl:8080 -intext:8080 Servers listening on port 8080 removing results with 8080 in the page

• filetype:inc intext:mysql_connect filetype:sql + “IDENTIFIED BY” -cvs Search combinations that goes after files with cleartext SQL passwords and credentials

• intitle:”VNC viewer” Example of a search for sites that launch a VNC client

Source: https://know.bishopfox.com/hubfs/mkt-coll/Bishop-Fox-Breaking-and-Entering-Pocket-Guide.pdf