What is a dork?

A dork is a filter that can be applied to searches to narrow down the results to what you are looking for. This is often used to find potential documents / hidden pages that were accidentally exposed to the internet. This can be used in recon stage since it does not interact with a target / organisation directly.

There are many dork operators here is a list and what effect they have on the results.

DorkDescriptionExample
siteFilter results down to specfic siteSite:laurencejones.dev Or Site:blog.laurencejones.dev
filetypeSearches for a particular filetype.filetype:"pdf"
cacheShows the version of the web page that Google has in its cache.cache:blog.laurencejones.dev
intextSearches for the keywords all at once or one at a time.intext:"keyword"
inurlSearches for a URL matching one of the keywords.inurl:"keyword"
intitleSearches for keywords in title all or one.intitle:"keyword"
allintextSearches for all keywords given.allintext:"keyword"
allinurlSearches for a URL matching all keywords.allinurl:"keyword"
allintitleSearches for all keywords in title.allintitle:"keyword"
linkSearches for external links to pages.link:"keyword"
numrangeUsed to locate specific numbers.numrange:300-325
before/afterUsed to search within a particular date range.filetype:pdf & (before:2020-01-01 after:2021-01-01)
allinanchor (and also inanchor)This shows sites which have the keyterms in links pointing to them, in order of the most links.inanchor:dog
allinpostauthor (and also inpostauthor)Exclusive to blog search, this one picks out blog posts that are written by specific individuals.allinpostauthor:"keyword"
relatedList web pages that are “similar” to a specified page.related:blog.laurencejones.dev

Additional search operators:

OR operator

intitle:admin | intitle:finance

AND operator

intitle:admin & inurl:ftp

Example searches

Website

Interesting website files:

site:<target> (ext:pdf | ext:txt | ext:log | ext:doc | ext:docx | ext:pptx | ext:xlsx |  ext:xlsm | ext:xlsb | ext:xltx | ext:xltm | ext:xlt |ext:xls | ext:xml | ext:xlam | ext:xla | ext:xlw | ext:xlr | ext:docm | ext:dot | ext:dotm | ext:dotx | ext:htm | ext:mht | ext:mhtml | ext:odt | ext:rtf | ext:wps | ext:xps | ext:ini)

Index of:

site:<target> intitle:"index of /*" //Optional > (inurl:ftp | inurl:login | inurl:smb | inurl: admin)

Username

intitle:<username> | inurl:<username> | intext:<username>

Extras

  • List of dorking tools: Github
  • Google Hacking Database: GHDB
  • Cheatsheet: Gist