Pablo González | Computer Engineer

Google Dorks Cheatsheet

Published on

Google Dorks


You can download the cheatsheet as a pdf from here!

Searching in Google has become something as normal as drinking water and sometimes we desperately search some information but we can’t find it, neither in other languages.

Doing advanced searches with the use of Google Operators nowadays is a must to be able to extend and improve our findings. From searching for a specific filetype such a pdf or a png image, to use it for hacking and bug bounty!


Mixing these operators will let us customize our search to the point of having neat results. In any case, it’s best to try them yourself so that you learn them and get comfortable using them in a normal basis. Believe me, a good search will save you lots of time!

I’ve found some more but the result is nearly the same as a normal search, so I decided not to include them. In any case, if you know some that really makes a difference contact me and I’ll add them! 😊

" "“Tres tristes tigres”Search will only show results that exactly match “Tres tristes tigres”
ORtrump OR bidenShows pages that either contains “trump” or contains “biden”
ANDtrump AND bidenShows pages that contains “trump” and “biden”. Not much difference with a normal search
()(razer OR logitech) mouseGroups multiple operators for a better search
-elon musk -twitter.comWill search Elon Musk but Twitter pages won’t appear
*index of *Acts as a wildcard, matching anything
#..#2006..2008Will search the range [2006, 2007, 2008]
AROUND(x)index of AROUND(3) cgi-binWill match pages that has 3 words at max of distance between “index of” and “cgi-bin”
site:site:twitter.comSearch results are restricted to page
filetype:filetype:pdfSearch results will only include pdf files
imagesize:WIDTHxHEIGHTimagesize:1920x1080Search result will only include FullHD resolution images/videos
intitle:intitle:cibersecurityPages that include “cibersecurity” in the title
allintitle:allintitle: OSCP guidePages with “OSCP” and “guide” in the title
inurl:inurl:deerPages that contain “deer” in the URL
allinurl:allinurl:code pythonPages that contain “code” and “python” in the URL
intext:intext:deerPages that contain “deer” in the text
allintext:allintext:code pythonPages that contain “code” and “python” in the text
related:related:aliexpress.comPages that are similar to Aliexpress
cache:cache:soundcloud.comDisplays Google’s cached version of Soundcloud


stocks:stocks:amzShow the stock value of Amazon
define:define:bookSearches definitions of “book”
movie:movie: patriaSearches info. about “Patria” serie’s


+5 + 1015
5 - 10-5
*5 * 1050
/5 / 100.5
% of10% of 30030

Use of Dorks for Hacking

I found some pages full of examples in which they mix operators with default service/application behaviour so it ends up with an insecure open service that could be exploited. This is very very useful in bug bounties!