Google Dork Tool

Advanced Google search operators for security testing

Target Domain (Optional)

Enter a target domain to automatically include it in all dorks, or leave empty for general-purpose queries.

Sensitive Information

Find exposed sensitive data and confidential information

5 dorks

Search for exposed passwords

HIGH
intext:"password" OR intext:"passwd" OR intext:"pwd"
Example: site:example.com intext:"password"

Find exposed API keys

HIGH
"api_key" OR "apikey" OR "api-key"
Example: site:example.com "api_key"

Search for credential files

HIGH
"username" "password" filetype:txt
Example: site:example.com "username" "password" filetype:txt

Find exposed SSH private keys

HIGH
"BEGIN RSA PRIVATE KEY" OR "BEGIN OPENSSH PRIVATE KEY"
Example: site:example.com "BEGIN RSA PRIVATE KEY"

Search for environment configuration files

HIGH
filetype:env "DB_PASSWORD" OR "API_KEY"
Example: site:example.com filetype:env "DB_PASSWORD"

Database Exposure

Discover exposed databases and SQL-related files

4 dorks

Find SQL dump files

HIGH
filetype:sql "INSERT INTO" OR "CREATE TABLE"
Example: site:example.com filetype:sql "INSERT INTO"

Search for database backup files

HIGH
filetype:bak OR filetype:backup "database"
Example: site:example.com filetype:bak "database"

Find phpinfo() pages with server info

MEDIUM
"phpinfo()" "PHP Version"
Example: site:example.com "phpinfo()" "PHP Version"

Search for database error messages

MEDIUM
"mysql_fetch_array()" OR "ORA-00921" OR "Microsoft OLE DB"
Example: site:example.com "mysql_fetch_array()"

File Discovery

Find exposed documents and configuration files

5 dorks

Search for configuration files

MEDIUM
filetype:conf OR filetype:config OR filetype:cfg
Example: site:example.com filetype:conf

Find log files with errors

MEDIUM
filetype:log "error" OR "failed" OR "exception"
Example: site:example.com filetype:log "error"

Search for Excel documents

MEDIUM
filetype:xls OR filetype:xlsx "confidential" OR "internal"
Example: site:example.com filetype:xls "confidential"

Find PDF documents with sensitive content

MEDIUM
filetype:pdf "internal" OR "confidential" OR "restricted"
Example: site:example.com filetype:pdf "internal"

Search for exposed Git repositories

HIGH
".git" OR "/.git/" OR filetype:gitignore
Example: site:example.com ".git"

Server Information

Discover server configurations and admin panels

4 dorks

Find admin login panels

MEDIUM
"admin" OR "administrator" OR "login" inurl:admin
Example: site:example.com "admin" inurl:admin

Search for Apache server status pages

MEDIUM
"server-status" OR "server-info" apache
Example: site:example.com "server-status"

Find directory listing pages

MEDIUM
"Index of /" OR "Directory Listing For"
Example: site:example.com "Index of /"

Search for backup files

MEDIUM
filetype:bak OR filetype:backup OR filetype:old
Example: site:example.com filetype:bak

Vulnerabilities

Identify potential security vulnerabilities

4 dorks

Find potential SQL injection points

HIGH
"mysql_fetch_array()" OR "mysql_num_rows()" OR "mysql_error()"
Example: site:example.com "mysql_fetch_array()"

Search for PHP error messages

MEDIUM
"Warning:" "include(" OR "require(" "failed to open stream"
Example: site:example.com "Warning:" "include("

Find ASP/ASP.NET error pages

MEDIUM
"Microsoft OLE DB Provider" OR "ADODB.Connection" error
Example: site:example.com "Microsoft OLE DB Provider"

Search for Java stack traces

MEDIUM
"at java.lang" OR "at org.apache" OR "Exception in thread"
Example: site:example.com "at java.lang"

Exposed Cameras

Find exposed security cameras and webcams

3 dorks

Search for network cameras

MEDIUM
"Network Camera" OR "IP Camera" OR "Web Camera"
Example: site:example.com "Network Camera"

Find AXIS brand cameras

MEDIUM
"AXIS Video Server" OR "Live View / - AXIS"
Example: site:example.com "AXIS Video Server"

Search for live webcam streams

LOW
"webcam" OR "camera" "live" "stream"
Example: site:example.com "webcam" "live"

Security & Legal Notice

Ethical Use Only: These Google dorks are intended for security testing on systems you own or have explicit permission to test. Unauthorized scanning or access to systems you don't own may be illegal.

Responsible Disclosure: If you discover vulnerabilities using these dorks, follow responsible disclosure practices and report findings to the appropriate parties.

Rate Limiting: Google may rate limit or block excessive automated queries. Use these dorks responsibly and consider Google's terms of service.

Pro Tips

Search Operators

  • site: - Limit to specific domain
  • filetype: - Search specific file types
  • intext: - Find text within pages
  • inurl: - Search within URLs

Best Practices

  • • Start with low-risk dorks first
  • • Combine multiple operators for precision
  • • Use quotes for exact phrase matching
  • • Document findings for reporting
25
Total Dorks
6
Categories
9
High Risk
General
Search Mode

Google Dork Tool by TheCyberHub •Suggest New DorksReport Issues

Always ensure you have proper authorization before testing systems with these dorks.