Some Google Dorks Stuff That Will make you a hackrman


SUBMITTED BY: tachyon

DATE: June 14, 2022, 9:38 a.m.

FORMAT: Text only

SIZE: 6.2 kB

HITS: 60

  1. Google search is case sensitive when we use logical operators. So you cannot type oR, or anD, instead use uppercase or symbols.
  2. OR can be replaced by pipe symbol | .
  3. NOT can be replaced by minus(ess) symbol - .
  4. AND can be replaced by single space (pressing space), but results may differ if we type AND specifically between words.
  5. City City - show flights from one city to another, even if you enter IATA airport code like ‘PRG LON’
  6. Link - finds sites that link to your specific domain, like “link:ma-no.org”
  7. .. - Search within a range of numbers, like ‘2002 .. 2020’ or ‘$25..$75’
  8. In - converts units, example ‘inches in a foot’
  9. Site - show your searched term within specific site, like ‘site:elcorteingles.es watches’ or specific domain ‘site:uk amazon’
  10. Allintitle - shows results with the searched phrase in the title, ‘allintitle:nasa moon landing’
  11. Intitle - shows result with a single term in the title, example ‘intitle: "sauce"’
  12. Inblogtitle - shows results of blogs with the searched phrase in the title, ‘inblogtitle: programming’
  13. Inposttitle - shows results with a single term in the title, like ‘inposttitle: programming’
  14. Allintext - shows results to pages with the terms in the content, example ‘Allintext: recipes for a weekend’
  15. Allinanchor - shows sites with your search term in links, example
  16. Allinurl
  17. Inurl - shows results with your first search term in the URL and the second term is content, ‘Inurl: movies view’
  18. Allinpostauthor - shows content that is written by yours searched author, example ‘allinpostauthor: Bukowski’
  19. Related - shows results that are related to your searched URL, ‘related:NYtimes.com’
  20. Info - shows information about searched domain, like ‘Info:diariodemallorca.com’
  21. Define - ‘define:dorking’ will return definition of the given word.
  22. Source - searches for mentions of a specific person or thing in a certain news source. ‘metro source:diario de mallorca’
  23. Location - shows articles based on specified location, like ‘location:Mallorca beaches’
  24. Filetype - Find documents of the specified type, example ‘filetype:pdf cats’
  25. Ext - Very similar to Filetype but we can seek uncommon extensions for more accurate results, example ‘ext:flac mysong’
  26. Movie - shows times for a specific movie in a specific location
  27. Weather - show results for weather in a specific location, example “weather:palma de mallorca”
  28. Stocks - shows stock price of a specific company. I.e ‘stocks:Starbucks’
  29. Cache - shows most recent cache of specific webpage, example ‘cache:ma-no.org’
  30. Map - shows map of specified location, like ‘map:"sierra de tramuntana"’
  31. Equation - calculates numbers, for example ‘10x4’
  32. Tip calculator - calculator to help you decide how much to tip, example ‘’
  33. Minute timer - shows a timer with your specified time, like ‘2 minute timer’
  34. Stopwatch - shows a stopwatch, example ‘stopwatch’
  35. Sunrise | Sunset - shows the time of sunrise and sunset for specific location, example ‘sunrise palma’
  36. Flight number - shows the status of a specific flight, example ‘FR 6363’
  37. Sports team - shows the score of a current game ‘real madrid barcelona’
  38. Insubject - Find group messages with specific content, like ‘insubject:"website crawlers" ’
  39. Group - Finds group messages from specific source, example ‘group:"google dorks" ’
  40. Numrange - Finds range of numbers in a query upto 5 digits
  41. Daterange - Searches in range of dates, with use of julian dates, example ‘daterange:2452463.5 2452464’
  42. Msgid - Message Identification Line used in email and Usenet newsgroups.
  43. In this article you can read more about google “secret” queries .
  44. https://www.ma-no.org/en/security/google...-of-google.
  45. Some examples of these
  46. This query would search text files in sites which have domain .org and in the text file it searches for strings “password OR passwords OR contraseñas OR login OR contraseña”.
  47. filetype:txt site:web.com password|passwords|contraseñas|login|contraseña
  48. This query shows registers of conversations that remained on servers.
  49. “Index of” / “chat/logs”
  50. This searches for backup directories.
  51. intitle:"index of" inurl:/backup
  52. This searches mp3 files on various types of servers
  53. intitle:index.of mp3
  54. This shows spilled data from MySQL databases where you are searching for pass|password|passwd|pwd.
  55. filetype:sql “MySQL dump” (pass|password|passwd|pwd)
  56. We can use some of these techniques to localize cameras of the manufacturer AXIS.
  57. Inurl:axis-cgi
  58. Inurl:"lvappl.htm"
  59. We can obtain some feed of the IP cameras, some of them we can even control.
  60. inurl:”ViewerFrame?Mode=”
  61. If you’re into webcams, here is good source of query strings. Its a bit creepy if you ever wondered if somebody could be watching some(yours) feed?
  62. http://suryachandiran.blogspot.com/2015/05/google-hacking-to-hack-into-live.html
  63. inurl:top.htm inurl:currenttime
  64. inurl:”lvappl.htm”
  65. This can show enjoyable reading among government sited files of type PDF.
  66. site:gov filetype:pdf allintitle:restricted
  67. This query searches documents with sensitive character, but in the intranet of the sites.
  68. inurl:intranet filetype:doc confidential
  69. This is supposed to find the .LOG files accidentally exposed on the internet.
  70. allintext:password filetype:log after:2020
  71. This searches for string “username” in a log type files
  72. allintext:username filetype:log
  73. This will expose .env files - used by various popular web development frameworks to declare general variables and configurations for local as well as dev environment.
  74. DB_USERNAME filetype:env
  75. DB_PASSWORD filetype:enc=v
  76. The file robots.txt is for preventing crawlers and spiders or any other search engine to enter into your website and you can block indexing specific pages or directories with it. Anyhow, by typing a query like this, you can look into different robots.txt files to see what you are not able to access.
  77. “robots.txt” “disallow:” filetype:txt
  78. These queries help you browse open FTP servers
  79. intitle:"index of" inurl:ftp
  80. intitle:"index of" inurl:http after:2020
  81. Search for specific website under defined domain
  82. inurl:.es/index.php?id=
  83. SSH private keys
  84. intitle:index.of id_rsa -id_rsa.pub
  85. Putty logs
  86. filetype:log username putty
  87. Email lists
  88. filetype:xls inurl:"email.xls"

comments powered by Disqus