Google will search for interesting information and potential vulnerabilities in this domain.

Sample domain:

About this tool

Every penetration test should start with a passive reconnaissance phase. Since public search engines have gathered huge amounts of information about almost every website from the Internet, it is a good idea to make some queries and get this information from them. Very often you will find sensitive information or data that is not supposed to be public.

Google has a set of advanced search operators which can be used to find interesting information about a target website or domain. Our tool aggregates a couple of useful search expressions (Google dorks) that you can use to extract 'juicy' data from Google. More Google dorks can be found here.

Note: Your browser must allow popups


  • Target website / domain: as the name says, this is your target website or domain for which you are querying Google. When you specify a domain name (ex., Google will return results for all subdomains of like:,,, etc.

How it works

This tool will use your browser to make requests to Google using specific search expressions that are able to find interesting information about the target.