GDorks: Uncover the Hidden Gems of the Internet π
Welcome to GDorks, your gateway to the hidden wonders of the internet! π
Give us a βοΈ if you find this project helpful!
Dive into the world of Google dorks with over 320+ categories and a whopping 3M+ dorks waiting to be uncovered!
- Dorks(1M)/
- README.md
- Split #1.txt
- Split #2.txt
- Split #3.txt
- ...
- More-Dorks/
- README.md
- 7k.txt
- best2.txt
- Amazon10k.txt
- Gaming.txt
- Shoping.txt
- ...
- SQLi/
- README.md
- Sqli.txt
- Sqli2.txt
- ...
- XSS/
- README.md
- XSS.txt
- ...
- LFI/
- README.md
- LFI.txt
- ...
- WordPress/
- README.md
- 17k.txt
- wp(30K).txt
- ...
- Joomla/
- README.md
- Joomla.txt
- Joomla2.txt
- ...
- Laravel/
- README.md
- 1.txt
- ...
- CCTV/
- README.md
- cctv.txt
- ...
- Netflix/
- 48.txt
- ...
- dorks.txt,dorks.json,dorks2.txt,dorks3.txt,dorks-2023.txt,dork...
Google dorks are specially crafted search queries that use a combination of advanced search operators to fine-tune your Google searches. By employing these dorks, you can focus on specific search results, unveiling hidden gems that ordinary searches might miss.
Google dorks follow a particular syntax using advanced search operators that refine search results. Some popular operators include:
-
intitle: Searches for pages with a specific keyword in the title.
Example:
intitle:"ishanoshada"
will find pages with "ishanoshada" in the title. -
inurl: Searches for URLs containing a specific keyword.
Example:
inurl:python
will find URLs containing the word "python". -
filetype: Narrows results to specific file types (e.g.,
pdf
,doc
,csv
).Example:
filetype:pdf site:example.com
will find PDF files on "example.com". -
site: Limits the search to a specific website (e.g.,
site:example.com
).Example:
site:github.com ishanoshada
will search for pages mentioning "ishanoshada" only on GitHub. -
intext: Searches for pages with a specific keyword in the page content.
Example:
intext:"artificial intelligence"
will find pages containing the phrase "artificial intelligence". -
ext: Limits results to files with a specific extension (e.g.,
ext:php
).Example:
ext:html inurl:about
will find HTML files with "about" in the URL. -
cache: Finds cached versions of a webpage.
Example:
cache:example.com
will show Google's cached version of "example.com". -
link: Finds pages that link to a specific URL.
Example:
link:example.com
will find pages that link to "example.com". -
related: Finds pages related to a specific URL.
Example:
related:example.com
will find pages related to "example.com". -
define: Provides definitions for a specific term.
Example:
define:cybersecurity
will give a definition for the term "cybersecurity". -
info: Provides information about a specific URL.
Example:
info:example.com
will give information about "example.com". -
movie: Finds information about a specific movie.
Example:
movie:Inception
will provide information about the movie "Inception". -
book: Finds information about a specific book.
Example:
book:"To Kill a Mockingbird"
will provide information about the book "To Kill a Mockingbird". -
weather: Provides current weather conditions and forecasts for a specific location.
Example:
weather:New York
will provide weather information for New York. -
stocks: Provides stock market information for a specific company.
Example:
stocks:GOOGL
will provide stock information for Google. -
map: Displays a map centered around a specific location.
Example:
map:Sri Lanka
will display a map centered around New York. -
movie showtimes: Provides movie showtimes for a specific location.
Example:
movie showtimes:Los Angeles
will display movie showtimes for Los Angeles. -
calculator: Functions as a basic calculator.
Example:
calculator:2+2
will return the result "4". -
define: Provides definitions for a specific term.
Example:
define:quantum
will define the term "quantum".
- Clone the Repository: Clone this repository to your local machine to access the Google dork list.
git clone https://github.com/ishanoshada/GDorks.git
-
Explore the Dorks: The
dorks.txt
file in the repository contains a collection of Google dorks. Open the file using any text editor to view and use the dorks for your purposes. -
Using Google Dorks: To use these dorks, simply copy and paste a dork of your choice into the Google search bar or use them with specialized search tools designed for Google hacking. Remember to exercise caution and ensure you are using these dorks responsibly and legally.
Discover live camera feeds from all over the globe! Marvel at breathtaking scenery, bustling streets, and serene sunsets. Be a virtual traveler with these dorks:
inurl:/view.shtml
intitle:"Live View / - AXIS"
inurl:/control/userimage.html
intitle:"Toshiba Network Camera" user login
intitle:"i-Catcher Console - Web Monitor"
...
SQL Injection is a type of security vulnerability that allows attackers to manipulate a web application's database by injecting malicious SQL code into input fields or parameters. This can lead to unauthorized access, data leakage, or even complete control of the database.
inurl:"product.php?pid="
inurl:"category.php?id="
inurl:"news.php?id="
inurl:"gallery.php?id="
inurl:"article.php?id="
inurl:"profile.php?id="
inurl:"product-list.php?id="
inurl:"product-detail.php?id="
...
Cross-Site Scripting (XSS) is a security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. This can lead to session hijacking, cookie theft, or the execution of arbitrary code in the context of the victim's browser.
inurl:"search.php?q="
inurl:"results.php?q="
inurl:"gallery.php?name="
inurl:"blog.php?title="
inurl:"category.php?name="
inurl:"faq.php?question="
inurl:"feedback.php?comment="
...
Unearth vulnerable servers, weak points, and potential security risks. Help make the web safer by reporting any vulnerabilities you discover. Protect and educate!
intitle:"Test Page for the Apache Web Server on Fedora Core"
intitle:"Index of" "CentOS" "Test Page"
intitle:"Test Page for the Nginx HTTP Server"
...
π Category: Sensitive Directories - Beware of Hidden Paths
Explore hidden directories, secret realms, and confidential data that accidentally made its way into public view. Tread carefully!
intitle:"Index of /admin"
intitle:"Index of /backup"
intitle:"Index of /config"
...
Stumble upon database files that might contain sensitive information. Handle with care and utmost respect for privacy.
filetype:sql intext:username password
filetype:sql "insert into" (pass|passwd|password)
...
Discover login portals, access points, and entryways into secured systems. Respect the sanctity of access controls and never trespass!
intitle:"Login" inurl:/login
intitle:"Login" inurl:/signin
...
Navigate through network devices, routers, and access points. Find and secure, but never intrude!
intitle:"RouterOS" inurl:/winbox
intitle:"Ubiquiti" intext:"airOS"
...
Explore CCTV systems, camera setups, and surveillance feeds. Respect privacy and avoid unethical use!
intitle:"DVR Login" inurl:/login.htm
...
Discover Apache Tomcat servers and applications. Handle with care and report any vulnerabilities responsibly!
intitle:"Apache Tomcat" intext:"Apache Tomcat"
...
Analyze various error messages to understand web server behavior and potential weaknesses. Report responsibly!
intext:"Error 404: Not Found"
...
Stumble upon Git repositories, codebases, and version control systems. Respect intellectual property and never exploit!
filetype:gitweb inurl:git
...
Uncover configuration files and system settings. Treat them with utmost care and privacy!
filetype:conf inurl:web.config
...
Discover PHP information files. Handle this knowledge responsibly!
filetype:php inurl:info
...
Explore WordPress sites and blogs. Respect intellectual property and refrain from unauthorized access!
inurl:/wp-admin
...
Embark on a quest to find open directories with valuable content. Treat what you find with respect and privacy!
intitle:"Index of /" + "backup"
...
Unlock direct links to Google Drive files. Respect the owner's privacy and intellectual property!
inurl:"/uc?id="
...
Stumble upon WordPress configuration files. Handle them responsibly and respect privacy!
filetype:txt inurl:wp-config
...
Find AWS access keys, but be cautious! Report responsibly and never exploit!
filetype:pem intext:PRIVATE KEY
...
Discover various configuration files. Handle with care, and never misuse!
filetype:env intext:AWS_SECRET_ACCESS_KEY
...
-
Finding URLs with a Specific Keyword:
inurl:"keyword"
- Searches for URLs containing the specified keyword.
-
Excluding Specific Terms:
-term
- Excludes results containing the specified term.
-
Searching for Pages with a Specific Title:
intitle:"your search term"
- Searches for pages with the specified term in the title.
-
Looking for Pages with a Specific Extension:
ext:php
- Limits results to files with a PHP extension.ext:html
- Limits results to HTML files.
-
Finding Social Media Profiles:
site:facebook.com "John Doe"
- Searches for Facebook profiles with the name "John Doe".
-
Locating Login Pages:
intitle:"Login" inurl:/login
- Finds login pages.
-
Exploring Subdomains:
site:*.example.com
- Searches for subdomains of "example.com".
-
Finding Vulnerable Webcams:
intitle:"Live View / - AXIS"
- Searches for AXIS webcams.
-
Discovering Exposed Git Repositories:
intitle:index.of.git
- Searches for exposed Git repositories.
-
Uncovering Open Directories:
intitle:"Index of /"
- Searches for open directories.
-
Identifying Exposed Elasticsearch Instances:
intitle:"Kibana" intext:"You know, for search"
- Searches for publicly accessible Elasticsearch instances.
-
Hunting for Configuration Files:
filetype:env intext:AWS_SECRET_ACCESS_KEY
- Searches for AWS secret access keys in configuration files.
-
Revealing WordPress Configuration Files:
filetype:txt inurl:wp-config
- Searches for WordPress configuration files.
-
Finding AWS Access Keys:
filetype:pem intext:PRIVATE KEY
- Searches for AWS private keys.
-
Finding Vulnerable PHP Scripts:
intitle:"PHP Shell"
- Searches for pages with PHP shells.
-
Locating Exposed Admin Panels:
intitle:"Admin Login"
- Searches for pages with "Admin Login" in the title.
-
Discovering Network Devices with Default Credentials:
intitle:"Router Login" | intext:"default username"
- Searches for router login pages with default usernames.
-
Exploring Database Backup Files:
ext:sql intext:"-- MySQL dump"
- Searches for MySQL database dump files.
-
Identifying Exposed MongoDB Instances:
intitle:"MongoDB Shell"
- Searches for MongoDB admin consoles.
-
Hunting for Backup Files:
intitle:"Index of /backup"
- Searches for directories with "backup" in the name.
-
Uncovering Exposed Jenkins Instances:
intitle:"Dashboard [Jenkins]"
- Searches for Jenkins dashboard pages.
-
Finding Apache Struts Vulnerabilities:
intitle:"Welcome to the Apache Struts" intext:"showcase"
- Searches for Apache Struts showcase applications.
-
Discovering Exposed WordPress Theme Files:
inurl:/wp-content/themes/ intitle:"Index of"
- Searches for directories with WordPress theme files.
-
Locating Exposed GitLab Repositories:
intitle:"index of /" inurl:".gitlab.yml"
- Searches for GitLab configuration files.
-
Hunting for Exposed Jupyter Notebooks:
intitle:"Jupyter Notebook" -"Sign Up" -"Log In"
- Searches for public Jupyter notebooks.
-
Finding Misconfigured Jenkins Instances:
intitle:"Dashboard [Jenkins]" inurl:/job/
- Searches for Jenkins jobs.
-
Exploring Exposed Grafana Dashboards:
intitle:"Grafana"
- Searches for Grafana dashboard pages.
Country | Most Used Dork List | Security Level (%) |
---|---|---|
United States | "inurl:/view.shtml" "intitle:"Live View / - AXIS"" | 85 |
India | "inurl:"product.php?pid="" "inurl:"category.php?id="" | 70 |
United Kingdom | "inurl:"search.php?q="" "inurl:"results.php?q="" | 80 |
Australia | "intitle:"Test Page for the Apache Web Server on Fedora Core"" | 75 |
Canada | "intitle:"Test Page for the Nginx HTTP Server"" | 80 |
Germany | "intitle:"Index of /admin"" "intitle:"Index of /config"" | 85 |
France | "filetype:sql intext:username password" "intext:"Error 404: Not Found"" | 75 |
Brazil | "inurl:"/uc?id="" "filetype:env intext:AWS_SECRET_ACCESS_KEY" | 70 |
Japan | "intext:"Error 404: Not Found"" "inurl:/wp-admin" | 80 |
South Africa | "filetype:php inurl:info" "filetype:pem intext:PRIVATE KEY" | 75 |
Russia | "intitle:"index of" "backup"" "filetype:xls inurl:admin" | 70 |
China | "inurl:"/web-console/ServerInfo.jsp"" "intext:password filetype:log" | 85 |
Mexico | "intext:"Index of /backup"" "filetype:log inurl:web.config" | 75 |
Spain | "intitle:"index of" "passwords.txt"" "filetype:txt inurl:config" | 80 |
Italy | "intitle:"Index of /config"" "filetype:xml inurl:admin" | 80 |
Argentina | "inurl:"/wp-admin" intitle:"login"" "intext:"Index of /wp-content/uploads"" | 75 |
Nigeria | "intitle:"index of" "database.sql"" "filetype:ini inurl:admin" | 70 |
Saudi Arabia | "inurl:/console/CrystalReportsWebFormViewer.aspx" "filetype:sql intext:username password" | 85 |
Netherlands | "inurl:/console/login/LoginForm.jsp" "filetype:log inurl:admin" | 80 |
Indonesia | "inurl:/cgi-bin/printer/printer.cgi" "filetype:reg inurl:web.config" | 75 |
Turkey | "intitle:"index of" "config.txt"" "filetype:xml inurl:admin" | 80 |
South Korea | "inurl:/servlet/Main" "filetype:sql intext:username password" | 80 |
Thailand | "intitle:"index of" "config.xml"" "filetype:log inurl:web.config" | 75 |
Egypt | "inurl:/console/login/LoginForm.jsp" "filetype:txt inurl:admin" | 70 |
Singapore | "intext:"index of" "database.sql"" "filetype:ini inurl:admin" | 80 |
Malaysia | "intitle:"index of" "config.xml"" "filetype:log inurl:web.config" | 75 |
Philippines | "inurl:/console/CrystalReportsWebFormViewer.aspx" "filetype:sql intext:username password" | 75 |
Vietnam | "inurl:/console/login/LoginForm.jsp" "filetype:log inurl:admin" | 75 |
Bangladesh | "intext:"index of" "config.txt"" "filetype:xml inurl:admin" | 70 |
Sri Lanka | "inurl:/console/CrystalReportsWebFormViewer.aspx" "filetype:sql intext:username password" | 70 |
Israel | "intitle:"Index of /admin"" "filetype:xls inurl:admin" | 80 |
Pakistan | "intitle:"index of" "passwords.txt"" "filetype:txt inurl:config" | 70 |
Iran | "inurl:/cgi-bin/printer/printer.cgi" "filetype:reg inurl:web.config" | 75 |
Iraq | "intitle:"index of" "config.txt"" "filetype:xml inurl:admin" | 70 |
Afghanistan | "inurl:/servlet/Main" "filetype:sql intext:username password" | 75 |
Kazakhstan | "intitle:"index of" "config.xml"" "filetype:log inurl:web.config" | 75 |
Join the quest to build a comprehensive and responsible Google dork list. Contribute ethically and explore the internet responsibly with GDorks!
Give us a βοΈ if GDorks has been your guide in the vast online landscape!
This list is for educational purposes only. Use Google dorks responsibly, respect privacy, intellectual property, and abide by all laws and regulations. Let's make the internet safer and more secure together!
Happy dorking! π
## Frequently Asked Questions (FAQ)
### What are Google Dorks?
Google dorks are specialized search queries that use advanced search operators to refine Google searches. They help users find specific information that might be overlooked in regular searches.
### Can I Use GDorks for Malicious Activities?
No, GDorks is intended for educational purposes only. Any unauthorized or malicious use is strictly prohibited. Use GDorks responsibly, respecting privacy and legal boundaries.
### How Often is GDorks Updated?
The repository is periodically updated to include new dorks and improve existing ones. You can contribute to the project by submitting your dorks or enhancements.
### I Found a Security Vulnerability. What Should I Do?
If you discover a security vulnerability, please report it responsibly to the website owner or administrator. Do not exploit or disclose vulnerabilities publicly.
For more questions, check our full FAQ section.
Note: This list is for educational purposes only. Always use Google dorks responsibly and never engage in any unauthorized or unethical activities. Respect privacy, intellectual property, and abide by all applicable laws and regulations. Let's make the internet a safer and more secure place! Happy dorking!