/Google-Dorks-Full_list

Approx 10.000 lines of Google dorks search queries - Use this for research purposes only

MIT LicenseMIT

Google-Dorks-Full_list

	Maintainer: TUXCMD
	Contributors: BullsEye0
	License: MiT 
	Latest version: 27th June 2020

Changelog

Updated the full list
Added google forks in .txt format
Added Google'Admin' dorks section in .txt format
Updated the README.MD
Added exploit-DB (Database)
Added link to The Cyber Plubmer's Handbook by [opsdisk](https://github.com/opsdisk)

Description

Approx 10.000 lines of Google dorks search queries! please initiate a pull request in order to contribute and have your findings added! I will try to keep this list up- to date whenever I've some spare time left.

	Feel free to contribute to this repo! 

Screenshot


Google dorks (googledorks_full.md)

Click here for the full list

or

Click here for the .txt RAW list

Google admin dorks

Use the following syntax

site:targetwebite.com inurl:admindork

Click here for the .txt RAW full admin dork list

Warning:

It is an illegal act to build a database with Google Dorks. Only use this for research purposes! exploiting these search queries to obtain dataleaks, databases or other sensitive information might cause you a lot of trouble and perhaps even jail.

...

Blocked / Soft banned by Google?

Google might flag you as a 'bot' if you are facing 503' error's you might even be soft- banned. Just use proxychains or FoxyProxy's browser plugin.

Check out the article from opsdisk

The Cyber Plubmer's Handbook

Opsdisk wrote an awesome book - recommended if you care about maximizing the capiabilities within SSH

cph.opsdisk.com


You can find the following types of vulnerabilities by using Google Dorks

Don’t underestimate the power of Google search. It has most powerful web crawlers in the world, it provides lots of smart search operators and options to filter out only needed information. That’s what make Google Dorks powerful. If used correctly, it can help in finding :

Footholds

Queries that can help a hacker gain a foothold into a web server

Web Server Detection

These links demonstrate Google’s awesome ability to profile web servers.

Files containing usernames

These files contain usernames, but no passwords… Still, google finding usernames on a web site.

Sensitive Directories

Google’s collection of web sites sharing sensitive directories. The files contained in here will vary from sensitive to uber-secret!

Vulnerable Files

HUNDREDS of vulnerable files that Google can find on websites

Files containing passwords

PASSWORDS, for the LOVE OF GOD!!! Google found PASSWORDS!

Vulnerable Servers

These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the “Vulnerable Files” section.

Sensitive Online Shopping Info

Examples of queries that can reveal online shopping info like customer data, suppliers, orders, credit card numbers, credit card info, etc.

Error Messages

Really retarded error messages that say WAY too much!

Files containing juicy info

No usernames or passwords, but interesting stuff none the less.

Network or vulnerability data

These pages contain such things as firewall logs, honeypot logs, network information, IDS logs… all sorts of fun stuff!

Pages containing login portals

These are login pages for various services. Consider them the front door of a website’s more sensitive functions.

Various Online Devices

This category contains things like printers, video cameras, and all sorts of cool things found on the web with Google.

Advisories and Vulnerabilities

These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.

Buy Me A Coffee