Open in app

Sign in

Write

Sign in

Google Dorking — Everything You Need To Know

N3NU
5 min readNov 3, 2022

Table of Contents

Introduction

site Filter

inurl Filter

intitle Filter

intext Filter

filetype Filter

Introduction

Yes, we know, you are a dork, but are you a Google Dork? If you are not then you absolutely should be! Google Dorking, also known as Google Hacking, is an advanced method of filtering Google search results. This technique can be used for innocuous or malicious purposes, but that is beyond the scope of this post. Table 1 below displays several filter types and gives an example and description for each. We will dive into further detail on each filter throughout this post. So, get ready to scrap your feeble Google search abilities and transcend into the world of Google Dorking.

Table 1: Google Dorking Filters, Examples, and Descriptions

site Filter

The site filter helps us narrow our Google search results to specific websites. For example, if we wanted to only see search results from starbucks.com, we would run the following query.

site:starbucks.com

You might notice that you also get the many subdomains that belong to the Starbucks website, see figure 1 below.

Figure 1: site:starbucks.com Google Results

If we only wanted to get results from a specific subdomain, we can achieve this by being more specific in our search and adding the subdomain we want to filter. For example, the following search returns webpages only pertaining to the one.starbucks.com subdomain.

site:one.starbucks.com
Figure 2: site:one.starbucks.com Google Results

We can also fine-tune our searches by excluding specific subdomains from our search. We can do this by using the -site filter to identify the subdomain we want to exclude from our results.

site:starbucks.com -site:one.starbucks.com

If we want to exclude more than one we just simply keep using the -site filter on each subdomain we want to omit. In figure 3, we see that we still get different Starbucks subdomains but we do not see the two we explicitly excluded.

site:starbucks.com -site:one.starbucks.com -site:www.starbucks.com
Figure 3: site:starbucks.com -site:one.starbucks.com -site:www.starbucks.com Google Results

inurl Filter

The inurl filter is useful when searching for keywords within the uniform resource locator (URL) of a website. Sticking with Starbucks as our example, let us try searching for pages which have the word “mocha” in the URL.

site:starbucks.com inurl:mocha

This search query returns Starbucks webpages which have the word “mocha” in its URL, see figure 4.

Figure 4: site:starbucks.com inurl:mocha Google Results

Clicking on the result shown in figure 4 and inspecting the URL, we see that the word “mocha” is found within the URL, see figure 5 below.

Figure 5: site:starbucks.com inurl:mocha Google Results URL Inspection

intitle Filter

We can use the intitle filter to search for titles containing specific words. Titles are the blue texts we see in the result of a Google search, see figure 5.

Figure 5: Example of a Search Result on Google

Let us try searching for titles which contain the text “index of /admin” using the intitle filter. If a website displays an “index of” page, this typically is an indicator that it is missing an index.html or index.php file in its directory. When searching for multiple words we need to add quotation marks around the text. Looking at the search result titles in figure 6 below, we see they all contain “index of /admin.”

intitle:"index of /admin"
Figure 6: intitle:”index of /admin” Google Results

intext Filter

The intext filter searches for keywords in the body of a website. We can run this command by itself but let us combine it with the intitle filter we just learned about.

intitle:"index of /admin" intext:password

As we can see in figure 7 below, the search result titles still contain “index of /admin” but now we see the body of the webpage containing the word “password.”

Figure 7: intitle:”index of /admin” intext:password Google Results

If we wanted to search for an additional keyword, for example “username”, we can modify the search as seen in figure 8. Notice we need to put the keywords of our intext filter between quotation marks.

intitle:"index of /admin" intext:"password" "username"
Figure 8: intitle:”index of /admin” intext:”password” “username” Google Results

filetype Filter

With the power of Google Dorking, we can also filter our searches to look for specific file types. The following filter will search for PDFs which have the words “password” and “username” within the file.

intext:"password" "username" filetype:pdf

Figure 9 displays the results of our query, showing we have successfully only pulled PDF files.

Figure 9: intext:”password” “username” filetype:pdf Google Results

Instead of searching for PDFs, let us now run the same query but this time search for xlsx files. Figure 10 now shows xlsx files holding the specified keywords, “password” and “username.”

intext:"password" "username" filetype:xls
Figure 10: intext:”password” “username” filetype:xls Google Results

I hope you have enjoyed evolving into a Google Dork. For more on this subject, check out the Google Hacking Database. Subscribe for more tools, tips, and tricks to add to your arsenal.

Until next time…

N3NU

Disclaimer: My content is for informational and educational purposes only. You may try out these hacks on your own computer at your own risk.

Cybersecurity
Penetration Testing
Hacking
Google
Osint

--

--

N3NU

Written by N3NU

239 Followers

Cybersecurity Analyst PNPT | OSCP | CCNA linkedin.com/in/stevencaraballo

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams