Google Dorks
40 dorks across 7 categories
Legal Disclaimer
Only use these dorks on domains you have explicit authorization to test. Unauthorized reconnaissance may violate computer crime laws.
Enter a domain above to customize all dork queries. Currently showing queries with example.com
Deep Google Search
247 DorksComprehensive Google Dorks platform with 247 dorks across 14 categories — sensitive files, cloud storage, API endpoints, admin panels, mobile/IoT, crypto & more. Filter, search, and export your recon workspace.
Open Deep Google SearchFind subdomains excluding common ones
site:example.com -www -shop -share -ir -mfaFind PHP files with parameters
site:example.com ext:php inurl:?Find API endpoints
site:example.com inurl:api | site:*/rest | site:*/v1 | site:*/v2 | site:*/v3Find sensitive config and backup files
site:"example.com" ext:log | ext:txt | ext:conf | ext:cnf | ext:ini | ext:env | ext:sh | ext:bak | ext:backup | ext:swp | ext:old | ext:~ | ext:git | ext:svn | ext:htpasswd | ext:htaccess | ext:jsonFind sensitive directories
inurl:conf | inurl:env | inurl:cgi | inurl:bin | inurl:etc | inurl:root | inurl:sql | inurl:backup | inurl:admin | inurl:php site:example.comFind exposed error pages and stack traces
inurl:"error" | intitle:"exception" | intitle:"failure" | intitle:"server at" | inurl:exception | "database error" | "SQL syntax" | "undefined index" | "unhandled exception" | "stack trace" site:example.comSearch/query parameters (potential XSS)
inurl:q= | inurl:s= | inurl:search= | inurl:query= | inurl:keyword= | inurl:lang= inurl:& site:example.comRedirect parameters (Open Redirect)
inurl:url= | inurl:return= | inurl:next= | inurl:redirect= | inurl:redir= | inurl:ret= | inurl:r2= | inurl:page= inurl:& inurl:http site:example.comID parameters (potential SQLi)
inurl:id= | inurl:pid= | inurl:category= | inurl:cat= | inurl:action= | inurl:sid= | inurl:dir= inurl:& site:example.comURL parameters (potential SSRF)
inurl:http | inurl:url= | inurl:path= | inurl:dest= | inurl:html= | inurl:data= | inurl:domain= | inurl:page= inurl:& site:example.comFile parameters (potential LFI)
inurl:include | inurl:dir | inurl:detail= | inurl:file= | inurl:folder= | inurl:inc= | inurl:locate= | inurl:doc= | inurl:conf= inurl:& site:example.comCommand parameters (potential RCE)
inurl:cmd | inurl:exec= | inurl:query= | inurl:code= | inurl:do= | inurl:run= | inurl:read= | inurl:ping= inurl:& site:example.comAWS S3 buckets
site:s3.amazonaws.com "example.com"Azure Blob storage
site:blob.core.windows.net "example.com"Google APIs
site:googleapis.com "example.com"Google Drive files
site:drive.google.com "example.com"Azure DevOps
site:dev.azure.com "example.com"OneDrive files
site:onedrive.live.com "example.com"DigitalOcean Spaces
site:digitaloceanspaces.com "example.com"SharePoint files
site:sharepoint.com "example.com"AWS S3 external
site:s3-external-1.amazonaws.com "example.com"AWS S3 dualstack
site:s3.dualstack.us-east-1.amazonaws.com "example.com"Dropbox shared files
site:dropbox.com/s "example.com"Box shared files
site:box.com/s "example.com"Google Docs
site:docs.google.com inurl:"/d/" "example.com"JFrog artifacts
site:jfrog.io "example.com"Firebase databases
site:firebaseio.com "example.com"Pastebin leaks
site:pastebin.com "example.com"JSFiddle code
site:jsfiddle.net "example.com"CodeBeautify snippets
site:codebeautify.org "example.com"CodePen projects
site:codepen.io "example.com"API documentation
inurl:apidocs | inurl:api-docs | inurl:swagger | inurl:api-explorer site:"example.com"OpenBugBounty reports
site:openbugbounty.org inurl:reports intext:"example.com"Google Groups discussions
site:groups.google.com "example.com"File upload forms
site:example.com "choose file"Login pages
inurl:login | inurl:signin | intitle:login | intitle:signin | inurl:secure site:example.comDevelopment/staging environments
inurl:test | inurl:env | inurl:dev | inurl:staging | inurl:sandbox | inurl:debug | inurl:temp | inurl:internal | inurl:demo site:example.comDocument files
site:example.com ext:txt | ext:pdf | ext:xml | ext:xls | ext:xlsx | ext:ppt | ext:pptx | ext:doc | ext:docxConfidential documents
intext:"confidential" | intext:"Not for Public Release" | intext:"internal use only" | intext:"do not distribute"Sensitive parameters
inurl:email= | inurl:phone= | inurl:password= | inurl:secret= inurl:& site:example.com