Open In App

What is Google Dorking?

Last Updated : 28 Mar, 2023
Improve
Improve
Like Article
Like
Save
Share
Report

Google Dorking is a technique used by hackers and security researchers to find sensitive information on websites using Google’s search engine. It is also known as Google hacking or Google Dorking.

Search Filters

Google Dorking involves using advanced search operations in Google to search for specific keywords, file types, or website parameters. These operators can be combined to create more powerful search queries that can reveal information that would not be easily accessible otherwise.

Some examples of advanced search operators used in Google Dorking include:

         Dork          

Description

Example

allintext

 Searches for occurrences of all the keywords given. allintext:”keyword”

intext

 Searches for the occurrences of keywords all at once or one at a time. intext:”keyword”

inurl

 Searches for a URL matching one of the keywords. inurl:”keyword”

intitle

 Searches for occurrences of keywords in title all or one. intitle:”keyword”

site

 Specifically searches that particular site and lists all the results for that site. site:”www.geeksforgeeks.org”

filetype

 Searches for a particular filetype mentioned in the query. filetype:”pdf”

link

 Searches for external links to pages link:”keyword”

related

 List web pages that are “similar” to a specified web page. related:www.geeksforgeeks.org

cache

 Shows the version of the web page that Google has in its cache. cache:www.geeksforgeeks.org

These are some of the dorks who generally used more as compared to other dorks. Dorks are just not limited to this list, you can also make your own custom dork by innovating already existing dorks. For reference, you can visit Google Hacking Database.

Examples

Let’s have an example of using a dork intitle:”GeeksForGeeks” which will filter the sites containing GeeksForGeeks in their title :

intitle:”GeeksForGeeks”  (There are a lot more results, explore it by doing)

And one more inurl:”GeeksForGeeks”, it will filter all those sites which are having GeeksForGeeks in their URL.

inurl:”GeeksForGeeks”    (Try it yourself to learn more)

Other Operators

Apart from the above-mentioned operator, there are also some logical operators which can be used to filter the search engine results according to the need. You will definitely get the stuff on seeing these operators. Here are these:

  • OR: This self-explanatory operator searches for a given search term OR an equivalent term. 
site:geeksforgeeks.org | site:www.geeksforgeeks.org
  • AND: Similarly, this operator searches for a given search term AND an equivalent term.
site:geeksforgeeks.com & site:www.geeksforgeeks.org
  • Search Term: This operator only looks for the precise phrase within speech marks.
"GeeksForGeeks POTD"
  • Glob Pattern (*): This works best when you don’t know what goes on in the place of the asterisk(*).
site: *.geeksforgeeks.org
  • Including Results: Will include the results.
site:linkedin.com +site:linkedin.*
  • Exclude Results: Will exclude the results.
site:linkedin.* -site:linkedin.com

This is all about the operators which can be used apart from the dorks which doing a google search.

While Google Dorking can be used for legitimate purposes such as researching a website’s security vulnerabilities, hackers use this technique maliciously to find sensitive information such as usernames, passwords, and other potential information. As a result, it is important for website owners to secure their websites and avoid exposing sensitive information in publicly accessible directories.

In addition, internet users should also be careful about the information they share online and use strong, unique passwords for each of their online accounts to avoid falling victim to a cyber attack.

Overall, Google Dorking is a powerful technique that can be used for both good and bad purposes. Website owners and internet users should be aware of its potential risks and take steps to protect themselves from any potential security breaches.

Prevention From Google Dorking

As an owner/developer, you will wish your website to be secure from google dorking. You can do so by following the below-mentioned stuff:

  • Use Robots.txt: You may tell search engines not to index particular web pages or directories on your website using a robots.txt file. By doing this, you may be able to stop attackers from discovering weak points on your website. There are a lot of modifications that can be done to robots.txt. For ex:
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
// This meta tag will prevent all
 robots from scanning your website

To get more insights about robots.txt, follow this GFG Article.

  • Disable Directory Indexing: Web servers frequently permit directory crawling by default, allowing anybody to see a directory’s contents. You can stop it from happening by turning off directory indexing in your web server settings.
  • Use a Firewall: You can use a WAF (Web Application Firewall) to enhance the security of your website. It will provide you with an extra layer of security.
  • Use Access Control: You can use authentication or MFA (Multi-Factor Authentication) on the pages if you don’t want let anyone to have access. It will prevent unauthorized access to the website.

By following these methods, you can protect your website over the internet from google hackers, or better to say, google dorking.

Note: This article is only for educational purposes. 


Like Article
Suggest improvement
Next
What is Google Brain?
Share your thoughts in the comments

Similar Reads

Google topics for Interview Preparation
Google Interview Preparation

P
pg99q7mk
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox