Hy Friends, hope you’re well. Today I am going to share a list of the Latest Google Dork List 2023. With the help of this google dorks list, you can find some interesting information from vulnerable websites.

Google Dorks List

Table of contents

What is Google Dork?

Google Dork is a search string. We use these strings for advanced search operators to find information that is difficult to locate through simple search queries.

Google Dork Commands

Some of the most popular Google Dorking commands are below:

inurl: You can use this Google string to get results from a specific web address. For example, if you want to find the login page of the website, you have to type: inurl:login site:website.com in the Google search bar.

intitle: Search your query in the title. For example, intitle:coolzgeeks.

intext: Use this string to find your query from the webpage. For example, intext:crypto site:coolzgeeks.com

filetype: You can use the filetype string to search for files on Google. For example, filetype:pdf site:.com

cache: Use the cache Google Dork to view the cached version of the webpage.

site: Get results from a certain website. For Example, site:coolzgeeks.com.

Google Dork Complete Cheat Sheet

Below are some Google Dorks Strings. Copy one of the Dork and paste it into Google.

inurl:/admin/
inurl:/admin site:.gov
site:.gov inurl:admin login
"Index of /" +passwd
"Index of /" +password.txt
"EMAIL_HOST_PASSWORD" ext:yml | ext:env | ext:txt | ext:log
admin.php?page=
admin/index.php?o=
inurl:..edu filetype:txt
intitle:index.of "users.db"
intitle:"Pi-hole-ip" inurl:admin
"Login to Usermin" inurl:20000
"not for public release"
"not for distribution"
intitle:"System Administration" inurl:top.cgi
"Please authenticate yourself to get access to the management interface"
"Please log in"
intext:ESS inurl:login
inurl:"admin/default.aspx"
"Please login with admin pass"
"set up the administrator user"
activate your account site:temp-mail.org
allintitle:admin.php
inurl:admin filetype:asp inurl:userlist
inurl:add_username
intitle:password site:pastebin.com
intext:"defaultusername" +intext:"defaultpassword" inurl:reg
inurl:"password.xls"
inurl:"email.xls"
intext:"@gmail.com" AND intext:"@yahoo.com" filetype:xls
inurl:"data.xls"
inurl:"database.xls"
inurl:/admin2/index.asp
inurl:/admin/account.php
inurl:/admin/adminarea.php
inurl:/adminarea/index.asp
inurl:/admin_area/index.html
inurl:/admin_area/login.asp
inurl:/adminarea/login.php
inurl:/admin/checklogin.php
inurl:/adm/index.asp
inurl:/adm/index.html
inurl:/adm/index.php
inurl:/admin/home.asp
inurl:/admin/home.html
inurl:/admin_home.php
inurl:/admin/home.php
inurl:/admin/loginsuccess
inurl:/admin/gallery
inurl:/admin/admin.php
inurl:/admin/admin.asp
inurl:/admin/private
inurl:/home_admin
inurl:admin/index.php
inurl:admin/user
inurl:admin/password
Please enter a valid password! inurl:admin site:.
inurl:products/product.php?pid=
inurl:login.cgi
intitle:"Index of" wp-admin
intitle:index.of upload.php
inurl:passlist.txt
inurl:password.log filetype:log
site:*.com intitle:”Thank You For Your Order” intext:Click Here to Download
inurl:/view.index.shtml
inurl:/view.shtml
inurl:Proxy.txt
fileadmin/
inurl:LiveUser_Admin/
inurl:showlogin/
inurl:login-redirect/ site:.bd
site:.ir admin login.php
inurl:admin inurl:uploads
inurl:/profile.php?lookup=1
"Index of" "upload_image.php"
inurl:updown.php
inurl:"q=user/password"
"Reflector Dashboard" inurl:/db/index.php/
Index of: /services/aadhar card/
Index of: /services/pancard/
intitle:"index of" "/admin_backup"
intitle:"Index of" "WhatsApp Images"
intitle:"Index of" "WhatsApp Databases"
intitle:"Index of" "WhatsApp chat"
intitle:"Index of" "DCIM"
inurl:/view/index.shtml”Camera”

Dorks for Sensitive Files

You can use a filetype search string for finding files on the internet. Below are some examples:

filetype:dat “password.dat"
filetype:pass pass intext:userid
filetype:xls inurl:contact
filetype:xls username email password
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:SWF SWF
filetype:TXT TXT
filetype:XLS XLS
filetype:asp “Custom Error Message” Category Source
filetype:bak inurl:”htaccess|passwd|shadow|htusers”
filetype:conf inurl:firewall -intitle:cvs
filetype:conf inurl:proftpd. PROFTP FTP server configuration file reveals
filetype:dat \”password.dat\”
filetype:mdb inurl:users.mdb
filetype:ora ora
filetype:ora tnsnames
filetype:pass pass intext:userid
filetype:pdf “Assessment Report” nessus
filetype:pem intext:private
filetype:properties inurl:db intext:password
filetype:pst inurl:”outlook.pst”
filetype:reg reg +intext:”defaultusername” +intext:”defaultpassword” filetype:reg reg +intext:\”defaultusername\” +intext:\”defaultpassword\” filetype:reg reg +intext:”defaultusername” +intext:”defaultpassword” filetype:reg reg HKEY Windows Registry exports can reveal
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql “insert into” (pass|passwd|password)
filetype:sql (“values MD5″ | “values _ password” | “values _ encrypt”) filetype:sql (\”passwd values\” | \”password values\” | \”pass values\” ) filetype:sql (\”values _ MD\” | \”values _ password\” | \”values _ encrypt\”)
filetype:sql +”IDENTIFIED BY” -cvs
filetype:sql password

Dorks for Government Websites

Below are some of the Dorks for Government sites.

inurl:adminpanel site:gov.*
site:gov.* intitle:"index of" *.csv
inurl:admin filetype:xlsx site:gov.*
inurl:admin filetype:xls site:gov.in
site:*.gov.au inurl:wp-admin
inurl:*gov intitle:"index of" "docker-compose"
intitle:"index of" site:gov.ru
intitle:"index of" site:gov.*
site:*.gov.in inurl:login.jsp
inurl:gov.in & inurl:wp-admin

Google Dorks List for SQL Injection

SQL injection is a technique to get sensitive data from a website by SQL queries. Below given SQL dorks helps you in finding SQL-vulnerable sites.

intext:"index of" ".sql"
"index of" filetype:sql
site:com.* intitle:"index of" *.sql
intitle:"index of" filetype:sql
intext:"SQL" && "DB" inurl:"/runtime/log/"
intitle:"index of /" "sqlite.db"
intitle:"index of" "/mysql"
intitle:"index of" " mod_auth_mysql "
intitle:"database" "backup" filetype:sql
inurl:admin ext:sql
Intitle:database ext:sql
intitle:"index of" "/backup/sql"
intitle:index.of conf.mysql
inurl:/wp-content/uploads/ "phpMyAdmin SQL Dump"
intitle:"index of" "dump.sql"
inurl: /cbt/login.php site: sch.id
inurl:product_info.php?products_id=
inurl:product_info.php?products_id=
inurl:product-list.php?category_id=
inurl:detail.php?siteid=
inurl:projects/event.php?id=
inurl:view_items.php?id=
inurl:more_details.php?id=
inurl:melbourne_details.php?id=
inurl:home.php?cat=

Google Dorks for Passwords

site:com.* intitle:"index of" *.admin.password
site:pastebin.com "*@gmail.com password"
db_password filetype:env
site:rentry.co intext:"password"
site:controlc.com intext:"password"
inurl:forgotpassword.php
site:pastebin.com "admin password"
intext:"Index of" intext:"password.zip"
site:pastebin.com "password"
site:gitlab.* intext:password intext:@gmail.com | @yahoo.com | @hotmail.com

Conclusion

There are thousands of Google dorks are available online, here we provide some useful google dorks only.

I hope this article will help you a lot. Please share this article with your friends if you like it. Share your valuable thoughts and suggestions in the comment section below.

Yes, it is legal to use Google Dorks. Until and unless you use access or misuse the data you found on websites.