The Ultimate List of Google Dorks (Cheat Sheet)

List of Google Dorks Hacker9

This article presents the ultimate and updated Google dorks list for 2024, serving as a comprehensive Google dorks cheat sheet.

We categorize Google dorks into sections such as Information Disclosure, Vulnerability Identification, File and Directory, Authentication and Access Control, E-commerce and Financial, and Network and System.

Each category includes detailed tables with descriptions and example use cases, including queries like Intext Usernames. Additionally, you may download the complete list of over 4,000 Google dorks (uncategorised).

This Google dorks cheat sheet serves as a valuable resource to enhance your search capabilities effectively and responsibly.

A. Information Disclosure Dorks

Information Disclosure Dorks help uncover sensitive information that may be unintentionally exposed online. These dorks can locate public directories, exposed configuration files, and other confidential data that should remain secure.

DorkDescriptionExample Use Case
intitle:"index of"Finds directory listingsLocating open directories on servers
filetype:pdfSearches for PDF filesFinding publicly available PDF documents
inurl:wp-config.phpLocates WordPress configuration filesAccessing WordPress site settings
inurl:phpinfo.phpFinds PHP info pagesViewing PHP configuration details
filetype:docSearches for Word documentsFinding publicly available Word files
filetype:xlsSearches for Excel spreadsheetsExtracting data from publicly available spreadsheets
inurl:/backup/Finds backup directoriesIdentifying backup files on servers
filetype:logSearches for log filesAccessing server log information
inurl:/admin/Locates admin directoriesFinding administrative access points
intitle:"index of" "/private"Finds private directory listingsLocating private folders on servers
filetype:sqlSearches for SQL database filesIdentifying exposed database files
inurl:configLocates configuration filesAccessing server configuration settings
filetype:iniSearches for INI configuration filesFinding INI files that may contain sensitive settings
inurl:/test/Finds test directoriesIdentifying test environments on servers
filetype:bakSearches for backup filesAccessing backup copies of important files

Using these dorks can help identify areas where sensitive information might be exposed.

For example, inurl:wp-config.php can reveal WordPress configuration files that contain database credentials, while filetype:log can access server logs that may hold valuable system information.

Additionally, dorks like intitle:"index of" "/private" can help locate private folders that should not be publicly accessible.

Intext Usernames

The intext:username dork searches for pages that contain specific usernames within the text, which can help identify user accounts, profiles, or other related information that should remain private. By locating such data, users can assess whether sensitive information is properly secured or if there are areas that require enhanced protection to prevent unauthorized access.

B. Vulnerability Identification Dorks

Vulnerability Identification Dorks are used to find potential security weaknesses in websites and systems. These dorks help locate admin login pages, unsecured interfaces, and other areas that may need stronger security measures.

DorkDescriptionExample Use Case
inurl:"/admin/login.php"Finds admin login pagesIdentifying potential admin panels for testing
intitle:"phpMyAdmin"Locates phpMyAdmin interfacesChecking for unsecured database management tools
inurl:"https://hacker9-cdn.b-cdn.net/admin/login.asp"Finds admin login pagesLocating ASP-based admin login portals
inurl:"/login.php"Finds general login pagesIdentifying login pages that may need security updates
intitle:"webadmin"Locates web admin pagesSearching for web administration interfaces
inurl:"/manager/html"Finds Tomcat manager pagesAccessing Tomcat server management interfaces
inurl:"/console"Finds admin consolesLocating administrative consoles for systems
inurl:"/user/login"Finds user login pagesIdentifying user authentication pages
inurl:"/secure/login"Finds secure login pagesLocating secure login portals that require protection
inurl:"/admin/index.php"Finds admin index pagesAccessing index pages of admin sections
intitle:"admin console"Locates admin console pagesSearching for administrative console interfaces
inurl:"admin.asp"Finds admin ASP pagesIdentifying ASP-based admin access points
inurl:"admin.aspx"Finds admin ASPX pagesLocating ASPX-based administrative pages
inurl:"admin.jsp"Finds admin JSP pagesAccessing JSP-based admin login portals
inurl:"administrator"Finds administrator pagesLocating administrator access points
inurl:"wp-admin"Finds WordPress admin pagesIdentifying WordPress administration panels
inurl:"/admin/login.html"Finds admin login pagesAccessing HTML-based admin login interfaces

Using these dorks can help identify areas where security may be lacking.

For example, inurl:"wp-admin" can reveal WordPress admin panels that need proper security measures to prevent unauthorized access. Similarly, intitle:"phpMyAdmin" helps locate database management interfaces that should be secured to protect sensitive data.

C. File and Directory Dorks

File and Directory Dorks help locate specific types of files and directories on websites. These dorks are useful for finding publicly accessible documents, spreadsheets, backups, and other files that may contain valuable information.

DorkDescriptionExample Use Case
inurl:/uploads/Finds upload directoriesIdentifying directories where files are uploaded
filetype:xls site:example.comSearches for Excel files on a specific siteExtracting data from publicly available spreadsheets
filetype:docSearches for Word documentsFinding publicly available Word files
filetype:pdfSearches for PDF filesLocating publicly accessible PDF documents
inurl:/backup/Finds backup directoriesIdentifying backup files on servers
filetype:zipSearches for ZIP archivesAccessing compressed files containing multiple documents
filetype:sqlSearches for SQL database filesIdentifying exposed database files
filetype:logSearches for log filesAccessing server log information
filetype:iniSearches for INI configuration filesFinding INI files that may contain sensitive settings
filetype:bakSearches for backup filesAccessing backup copies of important files
intitle:"index of /public"Locates public directoriesAccessing publicly available directories
inurl:/config/Finds configuration directoriesIdentifying directories containing configuration files
filetype:txtSearches for text filesLocating publicly available text documents
inurl:/private/Finds private directoriesAccessing private folders on servers
filetype:csvSearches for CSV filesExtracting data from publicly available spreadsheets

Using these dorks can help identify areas where sensitive information might be exposed.

For example, filetype:sql can reveal SQL database files that may contain confidential data, while inurl:/backup/ can access backup directories that store important files.

Additionally, dorks like intitle:"index of /public" can help locate public directories that should be secured to prevent unauthorized access.

D. Authentication and Access Control Dorks

Authentication and Access Control Dorks help locate login pages and access control mechanisms on websites. These dorks are useful for finding authentication portals that may need stronger security measures to prevent unauthorized access.

DorkDescriptionExample Use Case
inurl:wp-login.phpFinds WordPress login pagesLocating login portals for WordPress sites
intitle:"Login" site:govSearches for government login pagesIdentifying access points for government websites
inurl:"https://hacker9-cdn.b-cdn.net/admin/login.asp"Finds ASP-based admin login pagesLocating ASP-based admin login portals
inurl:"/login.php"Finds general login pagesIdentifying login pages that may need security updates
inurl:admin.aspLocates ASP admin pagesAccessing administrative pages for ASP websites
inurl:admin.aspxFinds ASPX-based admin pagesLocating ASPX-based administrative pages
inurl:admin.jspFinds JSP-based admin pagesAccessing JSP-based admin login portals
inurl:admin.htmlFinds HTML-based admin pagesLocating HTML-based administrative pages
inurl:login.aspxFinds ASPX login pagesIdentifying ASPX login portals for security checks
inurl:"/secure/login"Finds secure login pagesLocating secure login portals that require protection
inurl:manager/htmlFinds Tomcat manager pagesAccessing Tomcat server management interfaces
inurl:"/user/login"Finds user login pagesIdentifying user authentication pages
inurl:"/console"Finds admin consolesLocating administrative consoles for systems
inurl:routerlogin.aspFinds router login pagesSecuring router interfaces from unauthorized access
inurl:"/admin/index.php"Locates admin index pagesAccessing index pages of admin sections

Using these dorks can help identify areas where authentication and access control security may be lacking.

For example, inurl:wp-login.php can reveal WordPress admin panels that need proper security measures to prevent unauthorized access. Similarly, intitle:"Login" site:gov helps locate government login pages that should be secured to protect sensitive information.

E. Ecommerce and Financial Dorks

Ecommerce and Financial Dorks are used to find online stores, financial databases, and related information. These dorks help identify vulnerabilities in ecommerce platforms or locate financial data that should be protected.

DorkDescriptionExample Use Case
inurl:/shop/Finds online shop directoriesLocating e-commerce platforms for analysis
filetype:sql inurl:"/db/"Searches for SQL database filesIdentifying exposed database files
inurl:/payment/Finds payment processing pagesSecuring payment gateways to prevent fraud
filetype:csv inurl:"/data/"Searches for CSV data filesExtracting data from publicly available spreadsheets
inurl:/checkout/Finds checkout pagesLocating checkout portals that need protection
filetype:xml inurl:"/config/"Searches for XML configuration filesIdentifying exposed XML configuration settings
inurl:/cart/Finds shopping cart pagesSecuring shopping cart functionalities
filetype:json inurl:"/api/"Searches for JSON API filesAccessing exposed API endpoints
inurl:/secure/transactions/Finds secure transaction pagesProtecting transaction processing areas
filetype:bak inurl:"/backup/"Searches for backup files in e-commerce sitesAccessing backup copies of important financial data
inurl:/orders/Finds order management pagesSecuring order processing systems
filetype:log inurl:"/logs/"Searches for log files in financial systemsAccessing server logs that may contain sensitive information
inurl:/invoice/Finds invoice pagesLocating invoice management systems
filetype:pdf inurl:"/docs/"Searches for PDF documents in e-commerce sitesFinding publicly available PDF documents related to finances
inurl:/billing/Finds billing pagesSecuring billing information portals

Using these dorks can help identify areas where financial and ecommerce information might be exposed.

For example, inurl:/shop/ can reveal online store directories that may contain sensitive product and customer information. Similarly, filetype:sql inurl:"/db/" helps locate SQL database files that might hold confidential financial data.

F. Network and System Dorks

Network and System Dorks are used to locate network configurations, system files, and administrative interfaces on websites. These dorks help identify areas that may need stronger security measures to prevent unauthorized access and protect sensitive information.

DorkDescriptionExample Use Case
inurl:/cgi-bin/Locates CGI script directoriesFinding CGI scripts that may have vulnerabilities
intitle:"Network Configuration"Searches for network configuration filesAccessing network settings and configurations
inurl:routerlogin.aspFinds router login pagesSecuring router interfaces from unauthorized access
inurl:/console/Finds system consolesAccessing administrative consoles for systems
inurl:/statusLocates status pagesMonitoring server status and performance
intitle:"Network Map"Searches for network mapsViewing network topology and connections
inurl:/server-statusFinds server status pagesChecking server health and activity
inurl:adminconsoleLocates admin consolesManaging administrative settings and controls
intitle:"Network Tools"Finds network tool pagesAccessing tools for network management
inurl:/system/Locates system directoriesIdentifying system-related directories
inurl:/sysadmin/Finds system admin pagesAccessing system administration interfaces
inurl:/secure/admin/Locates secure admin directoriesSecuring administrative access points
filetype:confSearches for configuration filesFinding server and application configuration files
filetype:cfgSearches for configuration filesLocating configuration settings
filetype:iniSearches for INI configuration filesAccessing INI files that contain sensitive settings
filetype:yamlSearches for YAML config filesFinding YAML configuration files for applications
filetype:xmlSearches for XML configuration filesLocating XML files for system and network settings
filetype:logSearches for log filesAccessing server logs that may contain system information
inurl:/monitoring/Finds monitoring directoriesIdentifying directories used for system monitoring
inurl:/manage/Locates management pagesAccessing management interfaces for systems
intitle:"System Dashboard"Finds system dashboardsViewing system performance and metrics dashboards
inurl:/admin/systemFinds system admin pagesSecuring system administration access points
inurl:/manager/htmlFinds Tomcat manager pagesAccessing Tomcat server management interfaces

Using these dorks can help identify areas where network and system security may be lacking.

For example, inurl:/cgi-bin/ can reveal CGI script directories that might have vulnerabilities, while intitle:"Network Configuration" helps locate network configuration files that should be secured to protect network settings. Similarly, inurl:routerlogin.asp can find router login pages that need proper security measures to prevent unauthorized access.

See also: Google Dorking: Commands, Applications and Best Practices

Ashwin S

A cybersecurity enthusiast at heart with a passion for all things tech. Yet his creativity extends beyond the world of cybersecurity. With an innate love for design, he's always on the lookout for unique design concepts.