Advanced Google Dork Cheat Sheet

In this Article I have explained few google dork queries which will help you to perform specific searches and ignore unwanted search results. You can use these queries for information gathering, footprinting, and finding any file types easily over google. In the end I have also tried to explain about Shodan tool which can be used to gather deep information about particular IP, device or organization.

Advanced Google Dork Cheat Sheet
Advanced Google Dork Cheat Sheet

Exposed FTP Servers: By performing google search using below query will display ftp (file transfer protocol) servers of the websites. You can use this query and combine with other queries to find exposed ftp servers of the particular website. You will be able to access files and folders of the websites which are having weak security.

intitle:”index of” inurl:ftp

Email Lists: Most of the spammers or people who wants to do a email marketing uses this google query which displays the various lists of email addresses.

filetype:txt inurl:”email.txt”

Live Cameras: You can use any of the following query to access insecure cameras over internet. It will not ask you to enter credentials to access these cameras.

inurl:”view.shtml” “Network Camera”

“Camera Live Image” inurl:”guestimage.html”

Passwords: If you want to search for sensitive files which contains password information of multiple users which are publicly exposed then you can try to perform any of the search query on google.

site:pastebin.com intext:admin.password

“admin_password” ext:txt | ext:log | ext:cfg

filetype:log intext:password after:2016 intext:@gmail.com | @yahoo.com | @hotmail.com

Login Portals: Most of the site owners don’t want their admin pages to be revealed publicly as hackers may try to crack it’s credentials using brute-forcing method. But below queries will display the login pages of the various sites including admin pages too. You can combine any of the query with tags which I have explained in this article to find admin URL for the target site.

inurl:”admin/default.aspx”

intitle:’olt web management interface’

intitle:”WEB SERVICE” “wan” “lan” “alarm”

Sensitive Directories: If you want to search for the sensitive directories or files like .env which contains information related to databases and credentials then you can search for any of the queries mentioned below. To find more sensitive directories/files, you can search for these queries on google hacking database which I have explained in the end of the article.

intitle:Index of “/venv”

intitle:Index of “.env”

Online Devices: To find various type of devices which are not secured and accessible over internet you can use following query.

inurl:viewer/live/index.html

File Types: If you want to download a specific file type over internet and getting so many search results but it didn’t helps as most of the websites don’t uploads the file and just to gain traffic they creates a page with download option then you can use the below query and replace pdf with the filetype which you are looking for.

filetype:pdf

Subdomains: Whenever we performs a google search and it displays search result for other sites too and you are bored of this then you can use below query to display search results for the particular site only. Just replace medium.com with the site which you are searching for.

site:medium.com

Site Titles: To find a specific keyword in the website title, you can use the following query. To find a page with specific title in a particular website then you can combine this query with the site tag which I have explained above.

intitle:decrypt3r

Site Juicy Information: To gather juicy information about websites which should not be accessible or searchable over internet, you can use any of the below query.

inurl:/sym404/root

filetype:reg [HKEY_USERSDEFAULT]

intitle: “index of” intext: human resources

Shodan.io: By using this tool you can gather very sensitive information about multiple organisations, IPs as well as devices. This is the one of the most used footprinting tool which is used by hackers to gather information about the organisations, their exposed IPs and open ports.

Also refer: Google Hacking Database to find more google dork queries.

https://www.exploit-db.com/google-hacking-database

I hope you like this article, for more articles you can follow my profile.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Decrypt3r

Decrypt3r

Advanced Threat Support Engineer