Google Dorks List “Google Hacking” is mainly referred to pull the sensitive information from Google using advanced search terms that help users to search the index of a specific website, specific file type and some interesting information from unsecured Websites.

Google Dorks list 2020 can uncover some incredible information such as email addresses and lists, login credentials, sensitive files, website vulnerabilities, and even financial information (e.g. payment card data).

What is Google Dork?

A Google Dork, also known as Google Dorking or Google hacking, is a valuable resource for security researchers. For the average person, Google is just a search engine used to find text, images, videos, and news. However, in the infosec world, Google is a useful hacking tool.

How would anyone use Google to hack websites?

Well, you can’t hack sites directly using Google, but as it has tremendous web-crawling capabilities, it can index almost anything within your website, including sensitive information. This means you could be exposing too much information about your web technologies, usernames, passwords, and general vulnerabilities without even knowing it.

In other words: Google “Dorking” is the practice of using Google to find vulnerable web applications and servers by using native Google search engine capabilities.

Unless you block specific resources from your website using a robots.txt file, Google indexes all the information that is present on any website. Logically, after some time any person in the world can access that information if they know what to search for.

Important note: while this information is publicly available on the Internet, and it is provided and encouraged to be used by Google on a legal basis, people with the wrong intentions could use this information to harm your online presence.

Be aware that Google also knows who you are when you perform this kind of query For this reason and many others, it’s advised to use it only with good intentions, whether for your own research or while looking for ways to defend your website against this kind of vulnerability.

While some webmasters expose sensitive information on their own, this doesn’t mean it’s legal to take advantage of or exploit that information. If you do so you’ll be marked as a cybercriminal. It’s pretty easy to track your browsing IP, even if you’re using a VPN service. It’s not as anonymous as you think.

Before reading any further, be aware that Google will start blocking your connection if you connect from a single static IP. It will ask for captcha challenges to prevent automated queries.

Here could see an example to understand how Google Darks password used by hackers to gain sensitive information from specific websites.

  • inurl: domain/” “additional dorks

A hacker would simply use in the desired parameters as follows:

  • inurl = the URL of a site you want to query
  • domain = the domain for the site
  • dorks = the sub-fields and parameters that a hacker wants to scan

The best way to use Google dorks legally is to find vulnerabilities on your own website.

We can also use other search filed than URL that will help to uncover a lot of information about a site.


Download Google Dorks List 2019

Download Google Dorks List 2020


Google dorks are also known as Google hacking. Our Amigo Cyber Experts have tried our best to give you a most relevant Google Dorks list to query for best search results using about search operator and give you most of the information that is difficult to locate through simple search queries.


Leave a Reply

Report an incident