Master List of 700 Google Dorks for Penetration Testing and Cybersecurity Research
By Gerard King (www.gerardking.dev)
Google Dorks, or Google hacking queries, are powerful search operators used by penetration testers, security researchers, and ethical hackers to locate sensitive data, security vulnerabilities, or misconfigurations in websites, servers, and databases. These queries are designed to leverage Google’s indexing capabilities to uncover exposed assets and data that might otherwise remain hidden from regular search engine results.
In this post, we will share an extensive list of 700 Google Dorks categorized based on their application. This list will be valuable for cybersecurity professionals, system administrators, and anyone involved in security auditing or vulnerability research. However, it's crucial to use these dorks ethically and within legal boundaries. Unauthorized access or exploitation of discovered vulnerabilities without consent is illegal.
This list has been organized into sections for easy navigation. The dorks in the sections below can be used for various purposes, such as identifying exposed admin panels, finding vulnerable database configurations, locating unprotected files, and identifying potential security risks in web servers.
These Google Dorks are designed to help identify exposed admin panels or login portals on web servers. They are commonly used to find unprotected or misconfigured admin interfaces.
inurl:"/admin"
inurl:"admin.asp"
intitle:"Login page" inurl:"admin"
inurl:"/admin/login"
intitle:"Administrator Login" inurl:"/admin"
intitle:"login" inurl:"admin"
inurl:"admin/config"
intitle:"Dashboard" inurl:"admin"
inurl:"wp-admin"
inurl:"/admin/index.php"
inurl:"admin.php"
intitle:"Admin Login" inurl:"admin"
inurl:"/login" inurl:"admin"
inurl:"admin/login.php"
intitle:"Administrator" inurl:"/login"
inurl:"/adminpanel"
inurl:"admincp"
intitle:"Login to your account" inurl:"admin"
intitle:"Control Panel" inurl:"admin"
inurl:"/admin/configuration"
File indexing vulnerabilities occur when websites expose their directories to the public. These Google Dorks help locate such files and directories, potentially revealing sensitive information.
intitle:"index of" "backup"
intitle:"index of" "config"
intitle:"index of" "password"
intitle:"index of" "logs"
intitle:"index of" "admin"
intitle:"index of" "ftp"
intitle:"index of" "private"
intitle:"index of" "database"
intitle:"index of" "uploads"
intitle:"index of" "files"
intitle:"index of" "test"
intitle:"index of" "secrets"
intitle:"index of" "settings"
intitle:"index of" "html"
intitle:"index of" "images"
intitle:"index of" "video"
intitle:"index of" "scripts"
intitle:"index of" "backups"
intitle:"index of" "docs"
intitle:"index of" "public"
Sensitive data, such as passwords, database credentials, or confidential documents, can often be accidentally exposed on the web. These Google Dorks search for potential leaks of such sensitive information.
inurl:"/passwords"
inurl:"/config.php"
inurl:"/wp-config.php"
intitle:"index of" "users.db"
intitle:"index of" "secrets.txt"
filetype:sql inurl:"password"
filetype:db inurl:"credentials"
intitle:"index of" "backup.sql"
intitle:"index of" "database.bak"
inurl:"/usernames" filetype:csv
intitle:"index of" "mysql"
filetype:xml inurl:"password"
intitle:"index of" "config.json"
intitle:"index of" "API_keys"
filetype:txt "password"
filetype:csv "users"
intitle:"index of" "private_keys"
intitle:"index of" "database_config"
filetype:json "api_key"
filetype:log inurl:"password"
These Google Dorks help locate instances of vulnerable services, web applications, or misconfigured pages that can be targeted in penetration testing.
inurl:"/phpmyadmin"
inurl:"/adminer"
inurl:"/admin.php"
inurl:"/dbadmin"
intitle:"Index of" "login"
inurl:"/install.php"
inurl:"/setup.php"
inurl:"/phpinfo.php"
intitle:"index of" "test.php"
intitle:"index of" "backup"
inurl:"/test"
inurl:"/backup" filetype:sql
inurl:"/cgi-bin/"
intitle:"index of" "php.ini"
intitle:"index of" "error_log"
inurl:"/dev" intitle:"Index of"
inurl:"/staging"
intitle:"Index of" "staging"
inurl:"/cms" intitle:"Index of"
inurl:"/tmp" intitle:"Index of"
Content Management Systems (CMSs) like WordPress, Joomla, and Drupal are common targets for attackers. These dorks help identify exposed CMS-related files and directories that could be vulnerable to attack.
inurl:"/wp-content"
inurl:"/wp-admin"
inurl:"/wp-login.php"
intitle:"WordPress" inurl:"/wp-content/plugins"
intitle:"Joomla" inurl:"/administrator"
intitle:"Drupal" inurl:"/user/login"
intitle:"Magento" inurl:"/admin"
inurl:"/cms/login"
inurl:"/site-admin"
intitle:"index of" "joomla"
inurl:"/wp-includes"
intitle:"index of" "content/plugins"
intitle:"index of" "wp-content/themes"
inurl:"/wp-json"
inurl:"/wp-admin/options.php"
inurl:"/user/login" site:drupal.org
intitle:"index of" "wp-content/uploads"
inurl:"/blog/wp-admin"
inurl:"/joomla/login"
inurl:"/drupal/login"
These Google Dorks help locate database-related vulnerabilities, potentially revealing sensitive or misconfigured databases.
inurl:"/phpmyadmin/"
intitle:"index of" "db.sql"
filetype:sql "user"
filetype:sql inurl:"admin"
intitle:"index of" "mongodb"
inurl:"/mysql" filetype:sql
inurl:"/dbadmin"
intitle:"Index of" "backup.sql"
intitle:"Index of" "dump.sql"
inurl:"/database/admin"
Misconfigured servers can present a major security risk, as exposed directories and configuration files might reveal critical information. The following dorks help locate misconfigured web servers or server files.
intitle:"index of" "server-status"
intitle:"index of" "nginx-status"
intitle:"index of" "server-info"
inurl:"/server-status"
inurl:"/nginx-status"
inurl:"/apache-status"
intitle:"index of" "error_log"
inurl:"/etc/passwd"
inurl:"/var/log/apache2"
intitle:"index of" "passwd"
intitle:"index of" "httpd.conf"
intitle:"index of" "nginx.conf"
inurl:"/etc/shadow"
inurl:"/conf/httpd.conf"
inurl:"/var/www/" intitle:"index of"
intitle:"index of" "ssl.conf"
inurl:"/server-info" filetype:conf
inurl:"/cgi-bin/" inurl:"config"
intitle:"index of" "error"
inurl:"/server-info"
File inclusion vulnerabilities can lead to remote code execution or the exposure of sensitive files. The following dorks help uncover such vulnerabilities.
inurl:"index.php?page="
inurl:"index.php?file="
inurl:"index.php?module="
inurl:"?page="
intitle:"index of" "etc/passwd"
inurl:"?lang="
inurl:"/readme.txt"
inurl:"/config.php"
inurl:"/includes/db.php"
intitle:"index of" "phpinfo"
inurl:"/docs/configuration"
inurl:"/login.php?redir="
intitle:"index of" "phpmyadmin"
inurl:"/admin/index.php?content="
inurl:"/test.php?file="
intitle:"index of" "php.ini"
inurl:"/login.php?redirect="
inurl:"/admin/index.php?redirect="
inurl:"/config/config.php"
inurl:"/site/admin/config.php"
Cross-site scripting (XSS) is a common vulnerability that allows attackers to inject malicious scripts into webpages. These dorks help find web pages vulnerable to XSS attacks.
inurl:"<script>"
inurl:"javascript:void(0)"
inurl:"alert('XSS')"
inurl:"<img src=" onerror="alert(1)">"
inurl:"<iframe src="
inurl:"<body onload="alert()"
inurl:"<script>alert"
inurl:"<script src="
inurl:"<a href="javascript:"
inurl:"<marquee behavior="alternate"
inurl:"<img src=" x=" onerror="alert()"
inurl:"<input type="button" value="button" onclick="alert()"
inurl:"<script type="text/javascript">alert()
intitle:"search results" inurl:"<script>
inurl:"javascript: alert("
inurl:"<script>alert('XSS')</script>
inurl:"<input type="text" onfocus="alert()"
inurl:"<a href="javascript:void(0)"
These dorks are designed to locate file inclusion vulnerabilities that can lead to remote file disclosure, exposing sensitive files.
inurl:"/etc/passwd"
inurl:"/etc/shadow"
intitle:"index of" "passwd"
inurl:"/var/log/"
intitle:"index of" "mysql"
inurl:"/config.php"
intitle:"index of" "wp-config.php"
inurl:"/admin/config"
inurl:"/config.yaml"
inurl:"/config.php?file="
inurl:"/etc/nginx/"
inurl:"/var/www/html/"
inurl:"/opt/lampp/etc/"
inurl:"/etc/apache2/"
inurl:"/etc/httpd/"
intitle:"index of" "cgi-bin"
inurl:"/cgi-bin/"
inurl:"/uploads/" filetype:sql
intitle:"index of" "backup"
inurl:"/uploads/" filetype:csv
inurl:"/backups/config.php"
intitle:"index of" "config.php"
Error messages can leak valuable information about a system or application, helping attackers identify potential weaknesses. These dorks help uncover error messages that reveal sensitive details.
inurl:"/error.php"
inurl:"/index.php?error="
inurl:"/404.php"
intitle:"error" inurl:"404"
intitle:"error" inurl:"404 not found"
intitle:"error" inurl:"not found"
intitle:"error" inurl:"server error"
inurl:"/500.php"
inurl:"/error_log"
inurl:"/logs/error_log"
intitle:"index of" "error_log"
inurl:"/err/"
intitle:"index of" "debug"
intitle:"index of" "errors"
inurl:"/database_error"
inurl:"/sql_error"
inurl:"/config_error"
inurl:"/app_error"
inurl:"/server_error"
inurl:"/cgi-bin/error"
Subdomain enumeration can help identify additional attack surfaces within a target domain. These dorks locate subdomains that might be vulnerable.
inurl:"http://www."
inurl:"http://subdomain."
intitle:"index of" "subdomains"
site:subdomain.example.com
inurl:"www.example.com"
intitle:"index of" "test"
intitle:"index of" "subdomain"
inurl:"subdomain.example.com"
inurl:"example.com"
inurl:"/subdomains"
Here are a few miscellaneous dorks that can help identify various vulnerabilities, misconfigurations, or exposed data.
filetype:pdf inurl:"confidential"
filetype:txt inurl:"password"
filetype:log inurl:"error"
filetype:csv inurl:"passwords"
inurl:"/ajax"
filetype:jpg inurl:"admin"
filetype:json "admin"
intitle:"index of" "ftp"
inurl:"/uploads"
inurl:"/docs"
filetype:txt inurl:"creds"
intitle:"index of" "sensitive"
filetype:db inurl:"database"
inurl:"/data"
intitle:"index of" "settings"
inurl:"/admin/settings"
filetype:json inurl:"keys"
inurl:"/email"
filetype:log inurl:"login"
inurl:"/admin/configurations"
Content Management Systems like WordPress, Joomla, and Drupal are often targeted by attackers. These dorks help identify vulnerabilities specific to CMS platforms.
inurl:"/wp-content/plugins"
inurl:"/wp-login.php"
inurl:"/wp-admin"
intitle:"Joomla" inurl:"/administrator"
inurl:"/joomla/administrator"
intitle:"index of" "wp-content/uploads"
inurl:"/cms/admin"
inurl:"/joomla/configuration.php"
inurl:"/drupal/admin"
inurl:"/wordpress/wp-admin"
inurl:"/wp-content/themes"
inurl:"/drupal/modules"
inurl:"/joomla/components"
inurl:"/wordpress/wp-includes"
inurl:"/drupal/sites"
inurl:"/cms/images"
inurl:"/wp-json"
inurl:"/wp-content/themes" filetype:php
inurl:"/drupal/js"
inurl:"/joomla/plugins"
Email enumeration helps attackers gather valid email addresses from exposed directories or unprotected web pages.
inurl:"@example.com"
intitle:"index of" "emails"
filetype:txt inurl:"email"
filetype:csv inurl:"emails"
intitle:"contact" inurl:"email"
inurl:"/mail/" filetype:txt
intitle:"index of" "emails"
inurl:"email" filetype:xls
inurl:"contact" filetype:csv
intitle:"email addresses" inurl:"list"
filetype:pdf "contact email"
inurl:"/mailing_list"
inurl:"/subscribe" inurl:"list"
inurl:"/contact_us" filetype:html
inurl:"@company.com"
intitle:"directory" inurl:"email"
filetype:xml "email" inurl:"contact"
inurl:"/staff_list"
inurl:"/email_list"
intitle:"directory" inurl:"email addresses"
SQL injection is one of the most common and dangerous web vulnerabilities. These dorks help find SQL injection points in web applications.
inurl:"id="
inurl:"product_id="
inurl:"cat_id="
inurl:"?page="
inurl:"?id="
inurl:"?cat="
inurl:"?category="
intitle:"error" inurl:"mysql"
intitle:"error" inurl:"sql"
inurl:"?search="
inurl:"?user="
inurl:"&id="
inurl:"&page="
inurl:"&category="
inurl:"?q="
intitle:"index of" "login"
inurl:"/list.php?id="
inurl:"/product.php?id="
inurl:"/catalogue.php?id="
intitle:"index of" "home" inurl:"id="
These dorks are useful for finding open directories or file listings that are not secured, exposing sensitive information that could be exploited.
intitle:"index of" "admin"
intitle:"index of" "files"
intitle:"index of" "database"
intitle:"index of" "backup"
intitle:"index of" "uploads"
intitle:"index of" "log"
intitle:"index of" "config"
intitle:"index of" "public"
intitle:"index of" "images"
intitle:"index of" "documents"
intitle:"index of" "test"
intitle:"index of" "html"
intitle:"index of" "video"
intitle:"index of" "scripts"
intitle:"index of" "archives"
intitle:"index of" "files"
intitle:"index of" "projects"
intitle:"index of" "secrets"
intitle:"index of" "configs"
intitle:"index of" "backups"
The following dorks are used to find misconfigured or vulnerable scripts and files that could lead to security breaches.
inurl:"/cgi-bin/phpinfo.php"
intitle:"index of" "cgi-bin"
inurl:"/cgi-bin/index.php"
inurl:"/adminer.php"
inurl:"/phpmyadmin/"
inurl:"/admin/config.php"
inurl:"/wp-admin/install.php"
intitle:"phpMyAdmin" inurl:"/index.php"
inurl:"/admin/configurations"
inurl:"/setup.php"
inurl:"/admin/install.php"
inurl:"/admin" inurl:"index.php"
inurl:"/setup/install.php"
inurl:"/admin/cron.php"
intitle:"index of" "admin.php"
inurl:"/admin/configuration.php"
inurl:"/install/index.php"
intitle:"index of" "admin/index.php"
intitle:"index of" "admin/config.php"
inurl:"/adminpanel"
Directory traversal vulnerabilities allow attackers to access restricted files on a server. These dorks help identify potential directory traversal weaknesses.
inurl:"../../../../etc/passwd"
inurl:"../../../etc/passwd"
inurl:"..//..//..//etc/passwd"
inurl:"/../"
inurl:"../../"
intitle:"index of" ".."
inurl:"../../../../../"
intitle:"index of" "../../../"
inurl:"../"
inurl:"/..//"
inurl:"/../..//"
inurl:"..%2F..%2F..%2Fetc%2Fpasswd"
inurl:"..%2F..%2F..%2Fetc%2Fshadow"
inurl:"..//..//etc/"
inurl:"/etc/passwd"
inurl:"../../../../"
intitle:"index of" "../"
inurl:"/admin/../../etc/passwd"
intitle:"index of" "..//..//"
inurl:"..//..//etc/passwd"
These dorks are designed to locate unsecured webcams and surveillance devices that are accessible through the internet.
intitle:"Live View / - AXIS" inurl:"/axis-cgi"
intitle:"IP Camera" inurl:"/view.shtml"
inurl:"/view/index.shtml"
intitle:"webcamXP 5" inurl:"/view.shtml"
inurl:"/webcam" filetype:mp4
inurl:"/live-view.cgi"
intitle:"webcam" inurl:"/stream"
intitle:"camera live feed" inurl:"/view"
inurl:"/axis-cgi/mjpg" filetype:mpg
intitle:"network camera" inurl:"/snapshot.jpg"
WordPress is the most commonly targeted content management system, and these dorks help identify vulnerable WordPress sites or misconfigurations.
inurl:"/wp-content/uploads"
inurl:"/wp-content/plugins"
inurl:"/wp-content/themes"
inurl:"/wp-includes/"
inurl:"wp-admin/install.php"
inurl:"wp-config.php"
inurl:"/wp-json"
inurl:"wp-login.php"
inurl:"wp-admin"
intitle:"index of" "wp-content"
intitle:"index of" "wp-config.php"
inurl:"/wp-admin/options.php"
inurl:"/wp-content/themes"
inurl:"/wp-includes/images"
inurl:"/wp-admin/css"
inurl:"/wp-admin/js"
inurl:"/wp-content/plugins/file-manager/"
inurl:"/wp-content/uploads/"
inurl:"/wp-includes/functions.php"
intitle:"index of" "wp-includes"
Backup files can expose critical data, making them a target for attackers. The following dorks help find these exposed files.
inurl:"backup"
intitle:"index of" "backup"
inurl:"/backup/db"
inurl:"/backup/"
inurl:"/backups/"
filetype:sql inurl:"backup"
inurl:"/backup.zip"
filetype:tar inurl:"backup"
inurl:"/backups/config"
inurl:"/backup/wordpress"
Security misconfigurations in a web application can expose sensitive data. These dorks help locate these misconfigurations.
intitle:"index of" "admin"
intitle:"index of" "db"
inurl:"/etc/passwd"
inurl:"/config.json"
inurl:"/config.php"
inurl:"/admin/"
inurl:"/backup/"
intitle:"index of" "config"
inurl:"/wp-admin/config"
inurl:"/wp-content/uploads"
Incorrect file permissions are a common vulnerability that attackers can exploit to gain unauthorized access. These dorks help identify potential weaknesses related to file permissions.
intitle:"index of" "backup"
inurl:"/etc/passwd"
inurl:"/etc/shadow"
inurl:"/tmp/"
inurl:"/root/"
intitle:"index of" "config"
inurl:"/var/www"
intitle:"index of" "logs"
inurl:"/backups/config"
inurl:"/usr/share"
Exploit-DB is a public archive of exploits and vulnerability information. These dorks are designed to search it for relevant entries.
site:exploit-db.com "CVE"
site:exploit-db.com "vulnerability"
site:exploit-db.com "exploit"
inurl:"exploit-db" "CVE"
inurl:"exploit-db" "remote code execution"
inurl:"exploit-db" "SQL injection"
site:exploit-db.com "RCE"
inurl:"exploit-db" "XSS"
site:exploit-db.com "CVE-"
inurl:"exploit-db" "file inclusion"
These dorks help identify vulnerable web applications that might be susceptible to directory traversal or local file inclusion (LFI).
inurl:"/../../../../etc/passwd"
inurl:"/../../../../../etc/shadow"
inurl:"../../../../../etc/passwd"
inurl:"../../../../../etc/shadow"
inurl:"/index.php?page=../../"
intitle:"Error: 404 Not Found" inurl:"index.php?"
inurl:"/vulnerabilities/exec"
intitle:"file not found" inurl:"/var/log"
inurl:"/../../../etc/"
inurl:"/..//..//etc/passwd"
intitle:"phpinfo" inurl:"/var/www"
inurl:"../../etc/hosts"
inurl:"/index.php?file=../../"
inurl:"/fileserver/../../../etc/passwd"
inurl:"../etc/passwd"
inurl:"/uploads/../../../../etc/passwd"
inurl:"/admin?file=../../"
inurl:"/etc/passwd"
inurl:"/etc/shadow"
inurl:"/etc/hosts"
Backup files often contain sensitive data, and these dorks help identify exposed backup files on web servers.
inurl:"/backup/"
inurl:"/backup.zip"
intitle:"Index of /backups"
intitle:"Index of /backup"
inurl:"/dbbackup/"
inurl:"/database-backup/"
inurl:"/backup.tar.gz"
inurl:"/backup/backup.sql"
inurl:"/database_backups/"
intitle:"Index of /backups" filetype:sql
inurl:"/backups/.git"
inurl:"/admin/backup/"
inurl:"/wp-content/backups/"
inurl:"/backup/*.sql"
intitle:"Index of /" "backup" "zip"
inurl:"/backup/*.tar"
intitle:"backup files" inurl:"list"
inurl:"/backup/old/"
inurl:"/site-backup/"
intitle:"Index of /" "backup" "tar.gz"
Web application administration panels, if not secured, can be vulnerable to unauthorized access. These dorks help locate these sensitive areas.
inurl:"admin.php"
inurl:"/admin" inurl:"login"
inurl:"/admin/dashboard"
inurl:"admin/config.php"
intitle:"login - admin"
inurl:"/admin/login"
inurl:"/admin/controlpanel"
intitle:"admin panel" inurl:"login"
intitle:"admin" inurl:"panel"
inurl:"/admin/login.php"
intitle:"admin panel" inurl:"control"
inurl:"/admin/settings"
intitle:"admin login" inurl:"admin"
inurl:"/panel/admin/"
inurl:"/admin-dashboard"
inurl:"/admin_area"
intitle:"admin area" inurl:"index.php"
inurl:"/administrator/"
inurl:"/admin/cp"
inurl:"admin_controlpanel"
These dorks help identify user enumeration vulnerabilities in applications that reveal usernames or accounts.
inurl:"username="
intitle:"error" inurl:"user"
intitle:"admin" inurl:"password"
intitle:"user list" inurl:"users"
inurl:"/login?username="
intitle:"user login" inurl:"username"
intitle:"user login" inurl:"account"
inurl:"?user_id="
inurl:"user/login"
intitle:"index of" "users"
inurl:"/members/"
inurl:"/profile/"
inurl:"/users/"
intitle:"user details" inurl:"account"
inurl:"/user_profiles/"
inurl:"/account/" filetype:xml
inurl:"?id=" inurl:"user"
inurl:"/userinfo/"
inurl:"/user_profile"
inurl:"?username="
Some websites expose sensitive information through unprotected directory listings. These dorks help find such exposed directories.
intitle:"index of" "logs"
intitle:"index of" "admin"
intitle:"index of" "config"
intitle:"index of" "files"
intitle:"index of" "secrets"
intitle:"index of" "database"
intitle:"index of" "backup"
intitle:"index of" "uploads"
intitle:"index of" "scripts"
intitle:"index of" "php"
intitle:"index of" "admin/config"
intitle:"index of" "assets"
intitle:"index of" "document"
intitle:"index of" "admin/data"
intitle:"index of" "settings"
intitle:"index of" "source"
intitle:"index of" "public"
intitle:"index of" "archive"
intitle:"index of" "scripts"
intitle:"index of" "media"
PHP vulnerabilities can often lead to serious security breaches. These dorks identify various exposed PHP files or vulnerabilities.
inurl:"/phpmyadmin/"
inurl:"/phpinfo.php"
inurl:"/index.php?id="
intitle:"phpinfo" inurl:"/phpinfo.php"
intitle:"phpMyAdmin" inurl:"/index.php"
inurl:"/phpMyAdmin/config.inc.php"
intitle:"phpMyAdmin" inurl:"setup/index.php"
inurl:"/upload.php?file="
intitle:"PHP Info"
inurl:"/phpinfo" filetype:php
inurl:"/public/index.php"
inurl:"/phpmyadmin/scripts/setup.php"
intitle:"index of" "php"
intitle:"phpMyAdmin" inurl:"/db_structure.php"
inurl:"/phpMyAdmin/db_copy.php"
inurl:"/phpmyadmin/config.php"
inurl:"/phpMyAdmin/db_create.php"
inurl:"/phpMyAdmin/export.php"
inurl:"/phpmyadmin/db_select.php"
intitle:"phpMyAdmin" inurl:"/index.php"
These dorks are useful for finding exposed files that should be protected, such as configuration files or backup files.
inurl:"/config.php"
intitle:"index of" "config"
inurl:"/wp-config.php"
intitle:"index of" "config.php"
inurl:"/config/config.php"
inurl:"/config/setting.ini"
inurl:"/config/config.yaml"
inurl:"/config/.htaccess"
inurl:"/web.config"
inurl:"/settings.ini"
inurl:"/config/.env"
inurl:"/db_config.php"
inurl:"/admin/settings.php"
intitle:"index of" "admin.php"
inurl:"/admin/backup"
inurl:"/config/db_config.php"
inurl:"/public/config.php"
intitle:"index of" "secret"
inurl:"/admin/.git"
inurl:"/config.php" "password"
CMS platforms like WordPress, Joomla, and Drupal can be vulnerable to various exploits. These dorks can help identify vulnerable installations.
inurl:"/wp-admin/"
inurl:"/wp-content/uploads"
inurl:"/wp-content/plugins"
inurl:"/wp-content/themes"
intitle:"index of" "wp-content"
inurl:"/wp-includes/"
inurl:"/wp-login.php"
inurl:"/wp-admin/install.php"
intitle:"Joomla!" inurl:"/administrator"
inurl:"/joomla/administrator"
inurl:"/drupal/admin"
inurl:"/adminer.php"
inurl:"/drupal/modules"
inurl:"/cms/admin"
inurl:"/cms/login"
inurl:"/wordpress/wp-admin"
inurl:"/drupal/sites"
intitle:"index of" "drupal"
inurl:"/joomla/configuration.php"
inurl:"/wordpress/wp-includes"
Cross-Site Scripting (XSS) vulnerabilities allow attackers to inject malicious scripts. These dorks help in finding XSS vulnerabilities.
inurl:"<script>"
inurl:"javascript:void(0)"
intitle:"error" inurl:"XSS"
intitle:"index of" "xss"
inurl:"/search?q="
inurl:"?search="
inurl:"?id=" inurl:"name="
inurl:"<script src="
inurl:"/search?query="
inurl:"?page=search"
inurl:"<img src="
inurl:"<script>alert"
inurl:"/search" filetype:php
inurl:"<script src="http"
intitle:"error" inurl:"/search?q="
inurl:"?name="
inurl:"<img src=javascript"
inurl:"<a href="
inurl:"/js/search"
inurl:"search?query="
These dorks target directories or files that should never be exposed to the internet, like configuration files and database backups.
intitle:"index of" "database"
inurl:"/config/"
inurl:"/private/"
inurl:"/uploads/"
intitle:"index of" "configurations"
inurl:"/admin/.git"
inurl:"/uploads/backup"
inurl:"/root/"
inurl:"/data/"
inurl:"/private/db"
intitle:"index of" "documents"
inurl:"/config/config.ini"
intitle:"index of" "admin"
inurl:"/root/backup"
inurl:"/uploads/config"
inurl:"/db_backups/"
Error messages can sometimes reveal sensitive information about web applications, such as database structure or application stack.
intitle:"error" inurl:"SQL"
intitle:"error" inurl:"mysql"
inurl:"error_message"
intitle:"error" inurl:"file not found"
inurl:"error" filetype:log
inurl:"error" inurl:"database"
intitle:"error" inurl:"missing"
inurl:"error" inurl:"unauthorized"
inurl:"error" inurl:"403"
inurl:"error" inurl:"not found"
intitle:"error" inurl:"permission"
inurl:"error" inurl:"denied"
inurl:"error" inurl:"server"
intitle:"error" inurl:"503"
These dorks help to find files that should not be publicly accessible but may have been exposed due to misconfigurations.
inurl:"/db_config.php"
inurl:"/wp-config.php"
intitle:"index of" "database"
intitle:"index of" "wp-config"
inurl:"/config.php"
intitle:"index of" "config.php"
inurl:"/admin/.git"
intitle:"index of" "logs"
inurl:"/files/.git"
intitle:"index of" "htaccess"
inurl:"/wp-config.php"
intitle:"index of" ".git"
inurl:"/etc/passwd"
inurl:"/etc/shadow"
intitle:"index of" ".env"
inurl:"/admin/.env"
intitle:"index of" "config.yaml"
inurl:"/private/.git"
inurl:"/config/.env"
inurl:"/uploads/backup.zip"
Insecure direct object reference (IDOR) vulnerabilities occur when an application exposes references to internal objects (files, database records) to unauthorized users. These dorks help find such vulnerabilities.
inurl:"id=" inurl:"view"
inurl:"user_id=" inurl:"profile"
inurl:"product_id=" inurl:"details"
inurl:"file_id=" inurl:"download"
inurl:"/image_id=" inurl:"image"
inurl:"/document_id=" inurl:"view"
inurl:"/users/id="
inurl:"/media/file.php?id="
inurl:"/doc/?id="
inurl:"/user?id="
inurl:"/admin/user?id="
inurl:"/profile.php?uid="
inurl:"/settings?userid="
inurl:"/users.php?id="
inurl:"/products.php?prod_id="
inurl:"/video.php?id="
These dorks identify potential cross-site request forgery (CSRF) weaknesses, where a user could be tricked into performing unwanted actions through a request submitted on their behalf.
inurl:"action=delete"
inurl:"action=change_password"
inurl:"action=reset_password"
inurl:"action=update_profile"
inurl:"action=post_comment"
inurl:"action=make_purchase"
inurl:"action=add_to_cart"
inurl:"action=submit_payment"
inurl:"action=upload_file"
inurl:"action=upload_image"
inurl:"action=update_settings"
inurl:"action=login"
inurl:"action=logout"
inurl:"action=delete_account"
inurl:"action=send_message"
Unsecured APIs can expose sensitive information. These dorks help identify vulnerable API endpoints.
inurl:"/api/v1/"
inurl:"/api/v2/"
inurl:"/api/login"
inurl:"/api/register"
inurl:"/api/users"
inurl:"/api/products"
inurl:"/api/get_info"
inurl:"/api/data"
inurl:"/api/upload"
With this final entry, we now have a complete list of 700 Google Dorks that can be used in penetration testing, cybersecurity research, vulnerability scanning, and more. These dorks provide a valuable resource for ethical hackers and cybersecurity professionals who need to identify exposed sensitive information, vulnerabilities in web applications, and other security risks.
It's essential to emphasize the ethical responsibility involved in using these dorks. They should only be used with proper authorization and in compliance with applicable laws. Unauthorized scanning or probing of websites without permission can lead to legal consequences.
Author: Gerard King