in ,

Google Hacking For Penetration Testing

What is Google Hacking/Dorking?

Google hacking is a passive information gathering/footprinting technique that is used to discover vulnerabilities, data exposure, and security misconfigurations in websites. It involves using specialized search query operators to finetune results based on what you are looking for.

Common Google search query operators

site: Narrows results to a site or a specific TLD. Example:

intitle: Restricts results to titles of webpages. Example: intitle:”HackerSploit”

inurl: Restricts results to the URL of a website. Example: inurl:about

filetype: Searches for specific filetypes based on the extensions. Example: filetype:pdf

link: Searches for pages linking to a specified URL. Example:

cache: Searches for a cached copy of a webpage when it was indexed by Google. Example:

To learn more about the other search operators, please refer to the sources at the bottom of the page or, alternatively, the image below explains the use-case and the scope of functionality of Google search operators.


Google hacking for penetration testing

The following are a list of search queries that can be used to discover vulnerabilities, misconfigurations, admin panels, and credentials of companies and their respective websites/domains.

Credentials and serials gmail

Personal details intitle:john ssn

File Types

intitle:kali filetype:iso

Directory Listing

intitle:"Index of"

etc directory listing


SQL Database credentials or config files

intitle:"Index of" config.php
intitle:"Index of" wp-config.php

Microsoft database files

allinurl:admin filetype:mdb

Terminal Servers on the web


Auth User files



login: * password= * filetype:xls


Using the Google Hacking Database (GHDB)

The GHDB is a database/collection of Google search queries specifically crafted to find vulnerabilities, misconfigurations, and data exposure. You can use the GHDB to find strings and search queries to fine-tune results based on the information/vulnerabilities you are looking for.


Cybertalk – EP5 – Is The CEH Worth It?

Docker For Pentesting And Bug Bounty Hunting