Google Dork Cheat Sheet
Here’s a cheat sheet for Google Dorks, which are advanced search operators used to refine search results on Google:
Basic Search Operators:
- site: Search within a specific website.
site:example.com
- intitle: Search for a specific word in the title of a webpage.
intitle:keyword
- inurl: Search for a specific word in the URL of a webpage.
inurl:keyword
- filetype: Search for specific file types (e.g., PDF, DOC).
filetype:pdf
- related: Find webpages related to a specific URL.
related:example.com
Advanced Search Operators:
- OR: Search for pages that contain either term A or term B.
keyword1 OR keyword2
- AND: Search for pages that contain both term A and term B.
keyword1 AND keyword2
- –: Exclude specific terms from search results.
-keyword
- ***: Wildcard operator to match any word.
keyword *
- define: Find definitions of a specific word.
define:word
Specific Search Queries:
- “Exact Match”: Search for an exact phrase.
"exact phrase"
- inanchor: Search for specific anchor text in links.
inanchor:keyword
- cache: View Google’s cached version of a webpage.
cache:example.com
- AROUND(X): Search for terms within a certain proximity of each other.
term1 AROUND(5) term2
- info: Get information about a specific webpage.
info:example.com
Application-Specific Queries:
- weather: Get weather information for a specific location.
weather:location
- stocks: Get stock information.
stocks:company
- movie: Find movie information.
movie:title
- map: Find map results.
map:location
- book: Find book information.
book:title
Here are some Google Dorks that can be used to find various online devices, including cameras, routers, printers, and other network-connected devices:
- Webcams/Cameras:
inurl:/view/index.shtml
intitle:"Live View / - AXIS"
intitle:"Live View / - AXIS" | inurl:view/view.shtml
intitle:"Eagle-Eye" "Network Camera"
intitle:"Live NetSnap Cam-Server feed"
- Routers:
inurl:/home.asp
inurl:/index.htm
intitle:"Router Login" | inurl:/login.htm
intitle:"ADSL Configuration page"
intitle:"DSL Device Configuration"
- Printers:
intitle:"Hewlett-Packard" inurl:info_configuration.htm
intitle:"HP LaserJet" inurl:SSI/index.htm
intitle:"Print Server Status" intext:"Status (Offline)"
intitle:"Network Print Server" intext:"TCP/IP" intext:"LPR"
- Network Storage Devices:
intitle:"Index of" / "Size" / "Name"
intitle:"Index of" "Backup"
intitle:"Index of" "parent directory" "size" "last modified" "description"
intitle:"Index of" "Synology Web Station"
- Network Devices Configuration Pages:
intitle:"System Status" intext:"Router Statistics"
intitle:"Netgear" intext:"NETGEAR Router Configuration"
intitle:"ZyXEL Prestige Router" "Please log into the ZyXEL Prestige 100 router"
intitle:"Login - MikroTik RouterOS"
- Industrial Control Systems:
intitle:"SCADA System Login" inurl:/login.html
intitle:"HMI DOPSoft" inurl:/webserver/mainfrm.html
intitle:"Rockwell Automation - FactoryTalk View SE"
Here are some Google Dorks that can be used to find sensitive files and directories containing potentially confidential information:
- Files Containing Passwords:
filetype:ini "[PHOTO OF HOTEL FRONT DESK PERSONNEL]"
filetype:sql intext:password | pass | passwd | pwd
intitle:index.of htpasswd
intitle:"Index of" .htpasswd
- Configuration Files:
intitle:"Index of" .env
intitle:"Index of" .gitconfig
intitle:"Index of" config.php
intitle:"Index of" wp-config.php
- Backup Files:
intitle:"Index of" .bak
intitle:"Index of" .sql.bak
intitle:"Index of" .zip.bak
intitle:"Index of" .tar.gz.bak
- Log Files:
intitle:"Index of" access.log
intitle:"Index of" error.log
intitle:"Index of" login.log
- Database Dumps:
intitle:"Index of" database.sql
intitle:"Index of" dbdump.sql
intitle:"Index of" backup.sql
- Configuration Directories:
intitle:"Index of" .ssh
intitle:"Index of" .vscode
intitle:"Index of" .npm
intitle:"Index of" .docker
- Sensitive Documents:
filetype:pdf "CONFIDENTIAL" | "SECRET" | "SENSITIVE" | "INTERNAL USE ONLY"
filetype:doc "CONFIDENTIAL" | "SECRET" | "SENSITIVE" | "INTERNAL USE ONLY"
filetype:xls "CONFIDENTIAL" | "SECRET" | "SENSITIVE" | "INTERNAL USE ONLY"
- API Keys and Tokens:
intitle:index.of api_key
intitle:index.of aws_keys
intitle:index.of aws_secret
intitle:index.of api_secret
Here are some Google Dorks that can be used to find database backups and filesystem backups:
- Database Backup Files:
intitle:"Index of" "database.sql"
intitle:"Index of" "db_backup.sql"
intitle:"Index of" "backup.sql"
intitle:"Index of" "db.sql"
- Specific Database Backup Extensions:
intitle:"Index of" "*.sql.gz"
intitle:"Index of" "*.sql.bz2"
intitle:"Index of" "*.sql.zip"
intitle:"Index of" "*.sql.tar.gz"
- Filesystem Backup Files:
intitle:"Index of" "backup.tar.gz"
intitle:"Index of" "backup.zip"
intitle:"Index of" "backup.tar"
intitle:"Index of" "backup.tgz"
- Specific Filesystem Backup Extensions:
intitle:"Index of" "*.tar.gz"
intitle:"Index of" "*.tar.bz2"
intitle:"Index of" "*.zip"
intitle:"Index of" "*.tgz"
- Common Backup Folder Names:
intitle:"Index of" "backup"
intitle:"Index of" "backups"
intitle:"Index of" "old_backup"
intitle:"Index of" "archive"
- Database Backup Path Disclosure:
"db_backup.sql" filetype:sql -git -github
"database_backup.sql" filetype:sql -git -github
"backup.sql" filetype:sql -git -github
- Filesystem Backup Path Disclosure:
"backup.tar.gz" -git -github
"backup.zip" -git -github
"backup.tar" -git -github
Here are some Google Dorks that can be used to find passwords, login logs, and other related information:
- Passwords in Configuration Files:
intitle:"Index of" "passwords.txt"
intitle:"Index of" "password.txt"
intitle:"Index of" ".htpasswd"
- Login Logs and Access Logs:
intitle:"Index of" "access.log"
intitle:"Index of" "error.log"
intitle:"Index of" "login.log"
- Database Connection Strings and Configuration Files:
intitle:"Index of" "database_connection_string.txt"
intitle:"Index of" "database_config.php"
- Configuration Files Containing Passwords:
intitle:"Index of" "config.ini"
intitle:"Index of" "config.php"
intitle:"Index of" "config.txt"
- Specific Password Files:
intitle:"Index of" "passwd"
intitle:"Index of" "shadow"
- SSH Keys and Configuration Files:
intitle:"Index of" ".ssh"
intitle:"Index of" "id_rsa"
intitle:"Index of" "id_dsa"
- Other Password-related Files:
intitle:"Index of" "pwd.txt"
intitle:"Index of" "password_dump.txt"
intitle:"Index of" "login_credentials.txt"
- Common Password File Names:
intitle:"Index of" "password"
intitle:"Index of" "login"
- Login Pages with Sensitive Information:
intitle:"Login" intext:"Username" intext:"Password"
intitle:"Login" intext:"Login" intext:"Password"
Remember, using Google Dorks to find sensitive information like passwords and login logs can potentially lead to the discovery of confidential data. Always ensure that you have proper authorization and permission to access and interact with the files you discover. Unauthorized access to sensitive information may be illegal and can have serious consequences.