@michele-tn
Last active May 18, 2025 03:25

Google Dorking: Hacking with Google

"Google is your best friend... if you know how to ask."


📖 What is Google Dorking?

Google Dorking (or Google Hacking) is an advanced technique used to refine Google searches using specific operators to uncover hidden or sensitive information exposed on the web. This method is widely used in:

  • Penetration Testing
  • Security Auditing
  • Open Source Intelligence (OSINT)
  • Bug Bounty Programs

It allows researchers to identify misconfigured servers, inadvertently shared documents, exposed credentials, and more, all indexed by Google's powerful search engine.


🧠 How Does It Work?

Google supports a series of search operators that can be used in combination to uncover very specific results. These advanced queries go beyond normal searches to extract deeply buried content.

Common Search Operators

| Operator | Description | Example |
|---|---|---|
| site: | Limits search results to a specific domain | site:example.com |
| filetype: | Finds specific file types | filetype:pdf |
| intitle: | Looks for keywords in the page title | intitle:"index of" |
| inurl: | Searches for keywords in the URL | inurl:admin |
| cache: | Displays Google's cached version of a page | cache:example.com |
| ext: | Alias for filetype: | ext:xls |
| intext: | Finds text within the page body | intext:"password" |
| allintitle: | Finds all terms in the title | allintitle:login page |
| allinurl: | Finds all terms in the URL | allinurl:dashboard admin |
| AROUND(X) | Searches terms within X words of each other | "login" AROUND(5) "admin" |

🧪 Practical Examples

⚠️ Warning: These examples are for educational use only. Do not attempt unauthorized scanning or access.

Admin Login Panels

intitle:"admin login"
inurl:adminlogin
site:example.com inurl:admin

🗂️ Exposed Directories

intitle:"index of /" site:example.com
intitle:"index of" "parent directory"
intitle:"index of" passwd

📄 Publicly Available Documents

filetype:pdf site:gov confidential
filetype:xls intext:"ssn"
filetype:doc "internal use only"
filetype:log password

🔑 Credential Leaks

intext:"DB_PASSWORD" filetype:env
filetype:config intext:"password"
ext:ini intext:"root"

📷 Live Webcams

inurl:"MultiCameraFrame?Mode=Motion"

VB Viewer inurl:/viewer/live/ja/live.html

inurl:control/camerainfo

intitle:"webcamXP 5" -download

inurl:"/view/view.shtml?id="

inurl:/view/viewer_index.shtml

intext:"powered by webcamXP 5"

intitle:"webcam 7" inurl:"8080" -intext:"8080"

intitle:"Live View /- AXIS" |inurl:view/view.shtml OR inurl:view/indexFrame.shtml |intitle:"MJPG Live Demo" |intext:"Select preset position"

🧾 Log Files and Backups

filetype:log inurl:"/logs/"
intitle:"index of" backup
ext:bak | ext:old | ext:backup

SQL Dumps

filetype:sql "insert into"
filetype:sql password

🎯 Use Cases

  • 🔎 OSINT Investigations: Collect public-facing data about targets.
  • Pentesting: Identify common security misconfigurations and leaks.
  • 🧰 DevSecOps: Detect exposed files before they become vulnerabilities.
  • 📒 Bug Bounties: Locate asset exposures for responsible disclosure.

🔒 Defensive Measures

✅ Best Practices

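  1. Implement robots.txt (crawler guidance only: the file is publicly readable and does not restrict access, so pair it with items 2 and 3)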

    User-agent: *
    Disallow: /admin/
    Disallow: /config/
    Disallow: /private/
  2. Restrict File Indexing

    • Disable auto-indexing on web servers (Options -Indexes in Apache).
    • Use .htaccess rules for directory protection.
  3. Authentication and Authorization

    • Protect sensitive areas with login prompts and role-based access.
  4. Remove Sensitive Metadata

    • Strip metadata from files before uploading them to the web.
  5. Monitor and Audit

    • Regularly search your own domains using dorks.
    • Set up Google Alerts to watch for unusual mentions.
  6. Use Web Application Firewalls

    • Tools like Cloudflare or ModSecurity can block suspicious bot access.
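
Items 2 and 5 can be checked before anything is deployed. The following is an added example, not part of the original gist: it walks a document root and flags the file types and strings that the dorks in this guide search for. The extension list, the index-file names, and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Extensions taken from the filetype:/ext: dorks in this guide.
RISKY_EXTENSIONS = {".env", ".sql", ".log", ".bak", ".old", ".backup", ".ini", ".config"}
# Strings taken from the intext: and SQL-dump dorks in this guide.
SECRET_MARKERS = re.compile(rb"DB_PASSWORD|password|insert into", re.IGNORECASE)
INDEX_FILES = {"index.html", "index.htm", "index.php"}  # assumed index names


def audit_web_root(root):
    """Return sorted (relative_path, reason) findings for a document root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        if not INDEX_FILES & set(files):
            findings.append((rel_dir, "no index file, listable if auto-indexing is on"))
        for name in files:
            # splitext(".env") yields no extension, so fall back to the name.
            ext = os.path.splitext(name)[1].lower() or name.lower()
            if ext not in RISKY_EXTENSIONS:
                continue
            with open(os.path.join(dirpath, name), "rb") as fh:
                head = fh.read(65536)  # first 64 KiB is enough for a marker check
            reason = "risky extension " + ext
            if SECRET_MARKERS.search(head):
                reason += ", contains credential or dump marker"
            findings.append((os.path.normpath(os.path.join(rel_dir, name)), reason))
    return sorted(findings)


def demo():
    samples = {  # constructed sample files, not real data
        "index.html": b"<h1>home</h1>",
        ".env": b"DB_PASSWORD=constructed-sample\n",
        "backup/dump.sql": b"INSERT INTO users VALUES (1);\n",
        "backup/site.old": b"archived page\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        return audit_web_root(root)


if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Run `audit_web_root` against the build output in CI so a stray dump or `.env` file fails the pipeline before a crawler can index it.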

🧰 Recommended Tools & Resources


📌 Real-World Incidents

Google Dorking has been involved in notable data exposure cases including:

  • Government documents made searchable by misconfigured CMS platforms.
  • Exposed credentials on development subdomains.
  • Backup files containing API keys accidentally stored in web root folders.

These incidents underline the importance of regular asset auditing and secure development practices.


🧑‍🏫 Educational Purpose Only

This repository and its content are intended for educational and ethical cybersecurity research only.

Never use Google Dorking for unauthorized access, data theft, or malicious activities. Violating privacy or security laws may result in criminal prosecution.

Always obtain explicit permission before scanning or analyzing any system not owned by you.


🀝 Contributing

Do you have more useful dorks, techniques, or tools? Open an issue or submit a pull request. Contributions are welcome from the community!


📚 License

This project is licensed under the MIT License. See the LICENSE file for more information.


© This guide is provided strictly for educational and informational use. Stay legal. Stay ethical.
