Google Hacking, or Dorking, uses the Google search engine to find results with exact precision. You can use Google Dorking to find a picture of yourself and see which websites have that picture, to find related search terms, or to find exposed passwords (which does happen). You can do a lot with Google hacking.
Keep this in mind: Google hacking is not illegal; these are operators that Google provides to all users to get precise information from its database. Like many things in life, it can be used for good or for more nefarious purposes. As with all our articles and information, this is for educational information only and should be used in ethical ways.
Google Dorking Tips
Here are a few key tips to keep in mind as you learn Google Hacking.
- Spaces are not used for grammar in code. Spaces in code mark a change of thought; they are a unique identifier in most coding languages. Use spaces to separate keywords, never to separate a search filter from its operator. For example, site:target.com report is the correct usage; site: target.com report is the wrong usage because there is a space between site: and target.com. Keep in mind that with a search filter like intitle:, you are searching for keywords only in the title, so all of the keywords are operators. For example, intitle:secret door will search for both words secret and door, not just secret. So the usage of keywords is different with each search filter. But overall, keep the habit of putting no space between the search filter and the first operator.
- You can add as many keywords or filters as you want in a single string to isolate your search terms. As long as you keep to the first rule, you can tack on as many terms as you want.
Google Dorking Breakdown
In this example of site:target.com report, this searches for a site called ‘target.com’ and for a page in that site that has the word report. As long as you stick with this, you can combine more search filters together. Remember to separate all keywords with spaces. So, this could be site:target.com report program password
In this example, what are the keywords? report, program, and password are the keywords, and they are separated by a space.
Let’s say you want to add to this; what would your next search filter look like? site:target.com report program password intitle:Secret File
So, in this example, you are searching the site ‘target.com’ and want to see pages on that site that have the words ‘report’, ‘program’, and ‘password’ somewhere in the text, and the words ‘Secret’ and ‘File’ must be somewhere in the title of those pages.
If at this point you are still struggling to understand, don’t worry: look at the cheat sheet and try it out yourself. Combine different search filters, operators, and keywords, and you will see very quickly what comes up. Google will highlight the keywords you are searching for in the text, so it’s fairly easy to see what you searched for and how Google interpreted it.
In all cases, this is the pattern you want to follow. First, put your search filter, followed by your operator, then add your keywords. So, the below example will look like ‘site:target.com report’, and then you can add another search filter and continue to isolate your search. You can have as many keywords as you want in each search filter.
| Search Filter | Operator | Keyword |
| --- | --- | --- |
| Google’s built-in search parameter. | The argument you are using or the thing you are targeting. | (optional) this searches for this keyword on the page of the operator used. |
| site: | target.com | report |
Google Dorking Cheat Sheet
| Filter/Command | Is/For | Example | Description |
| --- | --- | --- | --- |
| Google’s built-in search parameters or commands | A definition of the filter/command being used. | An example of how to use the filter/command. | A description of what the example is doing. |
| site: | Searches a specific site/URL/IP and then lists all the results for that site. | site:target.com report | Searches for pages only at target.com and looks for pages that include “report” in the text. |
| link: | Searches for pages that link to a specific page. | link:target.com report | Searches for any pages that link to target.com that have the text “report” anywhere on that page. |
| filetype: | Searches for a specific file type. | filetype:pdf report | Searches for any pages with the filetype provided. |
| inurl: | Searches for a keyword that is located inside the URL. | inurl:login report | Searches for any web pages that have the word login in the URL and that have the text “report” somewhere on that page. |
| inanchor: | Searches for a keyword found in an anchor text on the page. | inanchor:login report | Searches for a page that has an anchor text (a label for a link) with the word login and has the word report on that page. |
| intitle: | Searches for a keyword found in the title (H1 tag) of a page. | intitle:door | Searches for the word “door” in an H1 tag of a page. |
| intext: | Searches for a keyword that is located in the text of a page. | intext:buddy | Searches for the word buddy located in the text of a page. |
| related: | Searches for a website that is related to the keyword. | related:facebook.com | Searches for a related website that is like facebook.com (like linkedin.com, twitter.com, and so forth). |
| cache: | Searches for the version of a website that Google has in its cache. | cache:target.com | Will provide the snapshot of the website in the cache and the date last cached. |
| imagesize: | Searches for an image with the exact size. | imagesize:1200x800 | Will provide an image with size 1200×800 (works well with src:). |
| src: | Searches for a particular image from a URL. | src:https://picture.com/images/dog-cat.png | Will present the provided image, not just from the domain listed but from all domains with that image. |
| ~ | Provides synonyms for the keyword. | intext:~login | ~login will provide results for that word as well as all synonyms of that word. |
| * | Wildcard. | site:*.facebook.com | *.facebook.com will provide all subdomains of Facebook. (It’s like saying, give me everything you have here.) |
| & | And operator. | site:twitter.com & site:facebook.com | Provides information from both sites. |
| \| | Or operator. | site:twitter.com \| site:facebook.com | Provides information for one or the other. |
| " " | Target search term. | intext:"Bob Smith" | Provides information on Bob Smith and only provides pages when those two words follow each other in that exact order. |
| - | Do not include. | inurl:.pdf -open | Provides pages where the URL contains “.pdf” but does not contain the word “open” in the URL. |
Advanced Usage Example
site:Facebook.com inurl:secret beach intext:jpg -intitle:bland
This returns results only from Facebook.com. Within the URL, the words secret and beach have to be found, in any order. The text of each result contains the word jpg, and nothing that has the word “bland” in the title is returned.
This is a silly example but it provides some details on how to combine filters and operators.
If you copied that advanced search term into Google search, what would you find? Pictures and pages of “secret” beach locations. You can add more terms to narrow your scope, but hopefully this gives you some ideas on how to implement Google Dorking.
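The filter, operator and keyword pattern from this page, including the no-space rule, written as a small query checker. This is an added example, not code from the original article; the names parse_dork and render are hypothetical, and the filter list is the one in the cheat sheet above. Grouping trailing keywords with the filter before them follows this page's description, not a Google specification.

```python
import re

# Filters listed in this page's cheat sheet.
FILTERS = {"site", "link", "filetype", "inurl", "inanchor", "intitle",
           "intext", "related", "cache", "imagesize", "src"}
# One token per whitespace-separated word; a "quoted phrase" stays in one piece.
TOKEN = re.compile(r'\S*"[^"]*"|\S+')

def parse_dork(query):
    """Split a query into filter/operator/keyword clauses and list problems found."""
    clauses = [{"filter": None, "operator": "", "negated": False, "keywords": []}]
    problems = []
    for tok in TOKEN.findall(query):
        negated = len(tok) > 1 and tok[0] == "-"
        name, sep, rest = (tok[1:] if negated else tok).partition(":")
        last = clauses[-1]
        if sep and name.lower() in FILTERS:
            if not rest:  # "site: target.com" - the spacing rule from the tips
                problems.append(f"space between '{name}:' and its operator")
            clauses.append({"filter": name.lower(), "operator": rest,
                            "negated": negated, "keywords": []})
        elif sep and name.isalpha() and rest and not rest.startswith("//"):
            problems.append(f"'{name}:' is not in the cheat sheet; treated as a keyword")
            last["keywords"].append(tok)
        elif last["filter"] and not last["operator"]:
            last["operator"] = tok  # repair: rejoin the stranded operator
        else:
            last["keywords"].append(tok)
    return [c for c in clauses if c["filter"] or c["keywords"]], problems

def render(clauses):
    """Rebuild the query string with every filter joined to its operator."""
    parts = []
    for c in clauses:
        if c["filter"]:
            parts.append(("-" if c["negated"] else "") + f'{c["filter"]}:{c["operator"]}')
        parts.extend(c["keywords"])
    return " ".join(parts)

if __name__ == "__main__":
    # Queries taken from this page, plus the wrong-spacing form it warns about.
    for q in ("site:target.com report program password intitle:Secret File",
              "site: target.com report",
              "site:Facebook.com inurl:secret beach intext:jpg -intitle:bland"):
        clauses, problems = parse_dork(q)
        print(render(clauses), problems)
        for c in clauses:
            print("   ", c)
```

The repaired string from render is what you would paste into the search box; an empty problems list means every filter was already joined to its operator.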
You can find more info about this topic in Google's documentation.