I always wondered how cybersecurity professionals can identify all these vulnerabilities in systems. How can they find sensitive files and information? After a bit of research, I realized that Google Dorking made that possible. Let’s explore more than 12 Google Dorking commands!

What is Google Dorking? How is it used in cybersecurity?

Google Dorking utilizes search operators to locate specific information on the internet. In the realm of cybersecurity, this tool is extremely useful for reconnaissance to search for vulnerabilities. They can expose information such as:

• Leaked Passwords
• Web Vulnerabilities
• Exposed Databases
• Log Files

This article will dive into a variety of Google Dorking commands. QUICK REMINDER: These commands are for learning purposes. They should not be used maliciously.

Valuable Google Dorking Commands:

1. Admin Panels:

site:website.com inurl:admin

The site refers to the website we are targeting. Inurl checks whether the URL contains the specified keyword. This command allows us to see any vulnerabilities related to the admin.

2. Lists of Emails:

for filetype:txt inurl:"email.txt"

Filetype searches for a specific file that is mentioned. The query above searches for txt files that include emails. This is valuable for reconnaissance to identify targets’ email addresses.

3. Login Pages:

site:starbucks.com intitle:login

Intitle checks to see if the keyword, in this case — login, is in the title. The query listed above searches for Starbucks websites that have login in their name. This is useful for finding different login pages, and who knows — one may be vulnerable.

4. LinkedIn Page:

site:linkedin.com intext:"person-name-here"

This query can search for information about the target. The target could have listed their work experiences and other personal information.

For instance, in the image below, I searched for a person named Ben Dover on LinkedIn. Once you have found the person you are looking for, you can see their experience.

5. Confidential Files:

site:website.com intext:"confidential"

Anything that has the word confidential and is related to the website would be shown. Secret information can be collected using this technique.

6. Username L:

"username" ext:log

Ext aids in finding a specific file type. This query is beneficial for locating log files with usernames.

7. Vulnerable Servers:

 intitle:"FileCatalyst file transfer solution"

This could find vulnerable servers.

8. HTTP Websites:

intitle:"index of" inurl:http after:2015

Vulnerable HTTP websites could be found by using this query.

9. Interesting Information:

site:website.com inurl:invoice

This could be used to find interesting information regarding invoices.

10. Locate Person’s Socials:

nameOfPerson site:socialMedia.com

This could be used to find a person’s socials on the specified social media website.

11. Spreadsheet of Data:

filetype:csv intext:"email" "phone"

Emails and phone numbers would be in the spreadsheet as shown below:

12. SQL Dumps:

filetype:sql "dump" "password"

Here is another command used to find passwords, this time in SQL dumps.

13. Vulnerable Webservers:

inurl:email.xls ext:xls

This is a command to obtain insecure websites. This vulnerability allows people to gain unauthorized access to webservers.

Thank you for reading this blog! I hope I helped you in your cybersecurity journey. Feel free to check out one of my reverse engineering writeups: https://medium.com/bugbountywriteup/quantum-scrambler-picoctf-2025-writeup-c6d892805c6f