Home / Technology / Google Dorking | 20 Top Commands
Technology 8 min read

Google Dorking | 20 Top Commands

what is osint

Key Takeaways

  • Google dorking is an advanced search technique that uses specialized commands to find hidden or sensitive information online.
  • Common Google dorking commands include “allintitle:”, “inurl:”, filetype:”, and many others that enable more comprehensive searches.
  • Google dorking carries some risks such as search restrictions, IP blocking, and legal consequences for accessing sensitive data.
  • Protecting against Google dorking involves securing sensitive directories, using encryption, monitoring website traffic, and regularly updating software.

Google dorking, also known as Google hacking, is an advanced search mechanism that allows users to make the most out of the most popular Google searches. Through the use of advanced search operators, known as commands, regular users, as well as professionals from different fields can uncover hidden details.

This mechanism leverages the search engine’s indexing capabilities, providing a wide array of information. In this article, we’ll go over some of the most useful commands that even everyday users can utilize.

Google Dorking Command List

Google dorking uses a variety of specialized search commands to extract targeted information. Here’s a list of commonly used commands (Google dorks) and their functions:

Command Description Usage Example
allintitle:  Finds webpages with all specified words in the title.  allintitle:admin login
allinurl: Locates pages where the URL contains all specified words.  allinurl:index.php?id=
cache: Displays the cached version of a web page. cache:example.com
define: Defines a word or phrase. define:Google Dorking
ext: Searches for specific file extensions.  ext:pdf financial report
filetype: Looks for specific file types on the web.  filetype:xls budget
info: Displays information that Google has about a specific website info:example.com
intext: Searches for pages containing specific words within the text. intext:password file
intitle: Finds pages with specific words in the title. intitle:index of
inurl: Searches for URLs containing specific words or parameters. inurl:admin.php
link: Identifies pages that link to a specific URL. link:example.com
location: Get information about a location.  location:London library
map: Displays maps related to the query.  map:new york city
movie: Provides info about a movie with the given title  movie:”Indiana Jones and the Temple of Doom”
phonebook: Finds phone numbers listed online.  phonebook:john doe new york
related: Locates pages associated with a specific URL. related:example.com
site: Restricts results to a specific site or domain. site:example.com login
source: Returns reports from a news source.  source:bloomberg
stocks:  Checks the status of a particular stock  stocks:META
weather: View the weather of a given location weather:new york

Below is a deeper dive into the commands from the list.

Allintitle:

The “allintitle:” command allows you to find web pages containing all the words you specify in the page’s title. This is particularly useful when looking for specific types of pages, such as login portals or administrative interfaces. For example, searching for allintitle:admin login will return pages where both “admin” and “login” appear in the title, which can help identify potentially unsecured admin portals.

Allinurl:

The “allinurl:” command searches for web pages with specific words within the URL. This is useful when trying to locate pages with certain parameters or files in their URL. For instance, “allinurl:index.php?id=” is often a vulnerable URL structure found in websites that use SQL databases. It can help you find pages that may be susceptible to SQL injection attacks.

Cache:

The “cache:” command shows Google’s cached version of a page. This is handy when a site is down or when you want to view an older version of a page. Inputting “cache:example.com” will display the last cached version of the site “example.com.” This can be used to recover information that was removed or changed on a live site.

Define:

Using the “define:” command, you can quickly find definitions of words or phrases without visiting a dictionary website. For example, typing “define:Google Dorking” into the search bar will bring up a concise definition of the term.

Ext:

The “ext:” command focuses on finding files with specific extensions, such as PDFs, Excel spreadsheets, or Word documents. This is helpful when searching for particular documents. For instance, using “ext:pdf financial report” would yield PDF documents that contain financial reports.

Filetype:

Similar to “ext:”, the “filetype:” command is used to locate files of a specific type, but it also allows for more specific searches. For example, “filetype:xls budget” would return Excel spreadsheets with the word “budget” in the name.

Info:

The “info:” command provides detailed information about a particular website, such as its cache, similar pages, or linked pages. For instance, “info:example.com” will display various pieces of information Google has collected about the site.

Intext:

The “intext:” command allows you to search for specific words or phrases within the body text of web pages. For example, “intext:password” will return pages that contain the word “password” in the text, potentially revealing documents or pages that contain sensitive information.

Intitle:

By using “intitle:”, you can search for pages where specific words appear in the title. This is similar to “allintitle:” but instead of requiring all words to appear in the title, “intitle:” only requires one. For instance, the command “intitle:index of” will return pages that include the phrase “index of” in the title, which can often reveal directories of files available on the web.

Inurl:

The “inurl:” command searches for specific words within a URL. This is useful for finding login pages, administrative panels, or vulnerable scripts. For example, “inurl:admin.php” will return URLs containing “admin.php”, helping you identify unsecured admin interfaces.

Link:

With the “link:” command, you can find web pages that link to a specific URL. For instance, “link:example.com” will show all the pages that link to “example.com”.

Location:

The “location:” command allows you to refine your search results based on a specific geographical location. By using this command, you can target search results relevant to a particular place, which helps find local businesses, news, or services. As a result, the command “location:new york restaurants” will return search results related to restaurants specifically in New York.

Map:

The “map:” command helps you find maps related to your search query. For example, typing “map:new york city” will show you various maps of New York City.

Movie:

The “movie:” query helps users search for movies and related information. For instance, “movie:” followed by the name of a movie and Google will return details about it. For instance, “movie:Inception” will bring up relevant details about the film Inception.

Phonebook:

The “phonebook:” command, though not widely used today, can be employed to find phone numbers listed online. For example, “phonebook:john doe new york” will search for phone listings associated with John Doe in New York.

Related:

The “related:” command identifies websites similar to a specified URL. For instance, typing “related:example.com” will show sites related to “example.com”.

Site:

The “site:” command restricts search results to a specific website or domain. For example, “site:example.com login” will return all the pages from “example.com” that are related to logins.

Source:

The “source:” command helps you search for news articles from specific sources. For example, “source:” followed by the name of a news outlet, you can find articles exclusively from that publication. For example, “source:Bloomberg technology” will show all technology-related news articles from Bloomberg.

Stocks:

The “stocks:” command allows you to retrieve stock market information about specific companies. For instance, “stocks:AAPL” will bring up the latest information on Apple Inc.’s stock performance.

Weather:

The “weather:” command provides real-time weather information for a specified location. For example, “weather:London”, you can get the current temperature, humidity, wind speed, and forecast for London. 

Risks of Google Dorking

While Google dorking can be a powerful tool, it also comes with risks, especially when misused. Overusing Google dorking can lead to Google limiting your search rate from the current device. If it’s not a device you use often, you might not even notice this.

What you should be more concerned about is IP blocking. It’s a common consequence of aggressive or suspicious dorking activities, where websites or even Google itself might block your IP for appearing to scrape data or conduct automated searches.

Last but not least, using Google dorks to access or retrieve sensitive data can also have legal consequences. It’s important to stay ethical and respect privacy laws when using these techniques.

How To Secure Yourself Against Google Dorking

You could be the target of Google dorking without even realizing it. Furthermore, hackers or malicious actors may use dorks to find vulnerabilities in your site or extract sensitive data. To bolster your defenses, you can follow these steps:

  • Regularly check for exposed files and directories on your website.
  • Don’t overuse robots.txt to prevent search engines from indexing sensitive areas of your site. Many hackers are aware of this practice and can use it against you.
  • Employ proper security measures such as encryption and secure login protocols.
  • Monitor your site’s performance for unusual spikes in traffic or suspicious activity.
  • Update software and plugins to reduce vulnerabilities.

Conclusion

Google dorking is an advanced search technique that can uncover a wealth of information, but it also comes with ethical and security risks. With dorking commands, users can improve searches, website performance, and more. Despite that, it’s crucial to stay aware of the potential risks and take steps to protect your data from malicious parties.

Was this Article helpful? Yes No
Thank you for your feedback. 100% 0%