Google Dorks Operators

Complete Reference Guide

Ad Space - 728×90 or Responsive Banner

What Are Google Dorks?

Google Dorks (also called Google hacking) use advanced search operators to find information not readily available through normal searches. Security researchers, OSINT analysts, and penetration testers use these operators to discover exposed data, vulnerabilities, and publicly indexed sensitive information.

📚 Reference: Maltego Google Dorks Guide

💡 Quick Start Tips

Combine operators: site:example.com filetype:pdf

Multiple keywords: Use confidential OR backup OR private

Exact phrases: Wrap in quotes: "internal use only"

Exclude terms: Use minus: -site:gov -site:edu

All Search Operators

🔍 Basic Search Operators

"" (Exact Phrase)

Searches for the exact phrase inside quotes

"confidential document"
OR (Alternative Terms)

Searches for either term (| also works)

confidential OR private OR secret
AND (Required Terms)

Both terms must appear (space also works)

password AND database
- (Exclude Term)

Excludes results containing the term

security -vendor -advertisement
* (Wildcard)

Acts as a wildcard for unknown words

"admin * panel"
() (Group Terms)

Groups terms or operators together

site:edu (login OR admin)

📄 File Type Operators

filetype: (File Extension)

Finds files of a specific type

filetype:pdf confidential
ext: (Same as filetype)

Alternative form of filetype:

ext:xlsx financial report

🌐 Site & Domain Operators

site: (Specific Site/Domain)

Searches within a specific website or domain

site:example.com admin
related: (Similar Sites)

Finds sites similar to a given URL

related:github.com

📋 Title Operators

intitle: (Term in Title)

Finds pages with the term in the title

intitle:"index of" backup
allintitle: (All Terms in Title)

All terms must appear in the title

allintitle: admin login panel

🔗 URL Operators

inurl: (Term in URL)

Finds pages with the term in the URL

inurl:admin
allinurl: (All Terms in URL)

All terms must appear in the URL

allinurl: admin php login

📝 Text Content Operators

intext: (Term in Body)

Finds pages with the term in body text

intext:"database error"
allintext: (All Terms in Body)

All terms must appear in body text

allintext: username password admin
inanchor: (Term in Anchor Text)

Finds pages with term in anchor text

inanchor:"download pdf"
allinanchor: (All Terms in Anchor)

All terms must be in anchor text

allinanchor: click here download

🛠️ Utility Operators

cache: (Cached Page)

Displays Google's cached version of a page

cache:example.com
define: (Word Definition)

Shows definition of a word

define:phishing
weather: (Weather Info)

Shows weather for a location

weather:Seattle
stocks: (Stock Info)

Displays stock info for a ticker

stocks:AAPL
map: (Map Location)

Shows map for a location

map:New York City
movie: (Movie Info)

Finds info about a movie or showtimes

movie:Inception

📅 Date & Time Operators

before: (Before Date)

Finds results published before a date

before:2020-01-01 vulnerability
after: (After Date)

Finds results published after a date

after:2023-01-01 data breach
daterange: (Julian Date Range)

Filters by Julian date range (advanced)

daterange:2457388-2457753

📍 Location & News Operators

loc: (Location Filter)

Limits results to a specific location

loc:"San Francisco" tech news
location: (News Location)

Similar to loc:, for news location filtering

location:London
source: (News Source)

Filters news by source (Google News)

source:reuters cybersecurity

⚡ Advanced Operators

AROUND(X) (Proximity Search)

Finds words near each other, within X words

security AROUND(3) vulnerability

🎯 Real-World Examples

Finding Exposed Configuration Files

filetype:env DB_PASSWORD

Searches for .env files containing database passwords

Finding Specific PDFs on a Domain

site:example.com filetype:pdf intitle:"financial report"

Finds PDF financial reports on a specific domain

Finding Directory Listings

intitle:"index of" (backup OR private OR confidential)

Finds open directory listings with sensitive data

Finding Login Panels

inurl:/admin/ inurl:/login/ site:edu

Finds admin login pages on educational domains

⚠️ Legal & Ethical Use

Authorization Required: Only use these operators on systems you own or have explicit written permission to test.

Legal Consequences: Unauthorized access and exploitation violate the Computer Fraud and Abuse Act (CFAA) and can result in criminal prosecution.

Responsible Disclosure: If you discover vulnerabilities, report them through proper channels. Do not exploit or share them publicly.

Educational Purpose: This guide is for educational and authorized security research only.

Ready to Build Your Query?

Use DorkFlow to combine these operators and create powerful search queries