Dorking Guide (uploaded to Scribd by dhawadeharsh2011)

THE ULTIMATE DORKING GUIDE

Made with <3 by @tunawithbread (formerly @Huyxcheckerx)

t.me/dpcombolist

This is the complete guide that combolist suppliers gatekeep!

● Dorking is meant to be K.I.S.S. (keep it simple, stupid).

● To strike gold mines (in this case, good databases) you have to master the skill of optimizing your searches. If anyone can do it, it's public.

● If someone is selling a "UHQ dorking course", it's a scam. The important thing is to outsmart everyone else doing the exact same thing.

● That's why this dorking and dumping guide focuses on skillset and mindset, not on some random tool that promises to dump the whole internet.

● At some point a given Google dorking technique will break, which is why knowing someone with the latest working method matters.

Enough yapping, here are the basics of dorking:
Contents
1. Introduction
2. Programs and what you will need
3. What is dorking?
4. Dork Types
5. Search Functions
6. Search Operators
7. Regex
8. Page parameters and how to get them
9. Keywords
10. Do’s And Don’ts
11. Proxies
12. Videos
13. Local File Inclusion (LFI) ←IGNORE
14. Checking Dorks
15. Hitting High Count Databases
16. Newer Websites and their structures
17. Proxy Location Exploiting
18. SQL Error Targeting
19. Targeting sites that are DTC
Programs and Resources

A lot of things require programs, and dorking is no exception. Here is a list of what you will need along your journey. In the original each item is color-coded by level of necessity:

Green: a nice to have
Orange: probably will need
Red: will definitely need

● Dorky Dorker (free). Generates dorks from your presets, and is what I use to teach throughout the course. Join my Telegram or Discord for the download link (DorkGenerator).

● Cryoner Parser ($39.99/mo or $129 lifetime). The best proxyless Google parser on the market; it combines with other modules such as Dumper, Dehasher and Scanner (T.me). If you just want the basics, a free parser or a cracked one is sufficient. If you plan on being a supplier, Cryoner Pro is definitely recommended.

● SQLi Dumper (free). One of many programs for going from URLs to actual combos, or whatever else you want to dump. SQLi Dumper has been cracked many times over, and the current "cleaned" version, 10.2, will suit your needs. Cleaned versions can be found on cracked.io. Caveat: cracked builds of tools like this are a common malware vector, and "cleaned" is a claim made by whoever uploaded the build, not a guarantee.

● Meta Grabber (free). Very important tool that extracts keywords and page parameters from your already parsed URLs; insanely useful. Available for free in my Telegram channel (Meta Grabber).

● RDP/VPS ($10-$50). A VPS is one of the most useful tools you can have as a dorker, or really any hacker. RDPs usually have very high speed internet and low latency, which is perfect for dorking and SQL injection, not to mention the protection against IP reports. Get one, or use a free trial from AWS, Microsoft Azure, etc.

● EmEditor (free). Very important tool used to sort randomized lists and extract keywords, page parameters and URLs. An activation key for the Pro version can be found online (EmEditor).

● Screaming Frog (paid/cracked). Lets us crawl a given website and grab its keywords and meta headers. This is vital for targeting, because it gets keywords from the source that other sites themselves would scrape to use in their SEO pages (Screaming Frog). I'm sure you can find it cracked somewhere.
What is dorking?

Dorking is the art of manipulating Google, or any other search engine, to find injectable websites, or for any other purpose you want.

Google dorking is commonly used to exploit website vulnerabilities at scale by targeting URL parameters that directly interface with the target site's database. That lets the attacker puppet Google into feeding them a list of fresh URLs ready to be tested.

What really sets dorkers apart is targeting, since the ocean of dorkers has already sucked up most of the URLs in existence. You (the attacker) must find a fresh patch of that ocean to fish in, and that is what this guide will (hopefully) help you with. There are many constantly moving parts to dorking, which I will cover throughout the book. Sit back and relax while I feed you the pure, unfiltered truth about dorking.


Dork Types

Dork types are how your dorks are generated. Dorky Dorker, in our case, generates your dorks from a set of rules, and this is also where a lot of the controversy about what good dorks are lies. Plenty of sellers push super fancy dork types like “shopping >" inurl:?searchType=, *crypto index”. The reason this is bad comes back to K.I.S.S. (Keep It Simple Stupid): simpler dork types get more results and far less proxy banning, which directly correlates with higher URL quality. The placeholders Dorky Dorker uses are:

(KW) Keyword. Self explanatory, and the most important aspect when it comes to targeting. You want your keywords to be around 2-4 words long so that they have sufficient uniqueness.

(KW2) Modifier keyword, added either before or after your (KW). It should work both ways, for example: (awesome) funny videos / funny videos (awesome).

(PP) Page parameter. Targets the parts of a page that interface with the database, a bit like asking the database a question. For example, inurl:category^= finds pages that have a category= parameter in the URL.

(DE) Domain extension. The .com, .net, .org etc. part of a domain, used to tell Google what kind of site you're looking for.

When writing dork types, sequencing matters. Dorks should be sequenced in the following order: if you need a certain domain, site:(DE) first; then Keywords and Keyword 2; then ext:php; and finally inurl:(PP)^=. And remember K.I.S.S.! To learn how to make dork types, see Videos and Tutorials.
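To make the ordering rule concrete, here is an added example (my own code, not the guide's and not Dorky Dorker) that expands the four placeholders into finished dorks in exactly the order above, applies the 2-4 word rule to (KW), and deduplicates the output. The sample keyword and parameter lists are constructed. The ^ after (PP) and the parentheses around (KW) from the guide's DTC example are reproduced as the guide writes them, with no claim about how Google treats those characters.

```python
"""Expand a dork type into concrete search strings.

Added example for this guide; not code from the guide or from the
Dorky Dorker tool. Placeholders follow the guide: (KW) keyword, (KW2)
modifier, (PP) page parameter, (DE) domain extension, (PT) page type.
Assembly order is the one the guide prescribes: site:(DE) first, then
(KW) and (KW2), then ext:(PT), then inurl:(PP)^=.
"""
import itertools


def keyword_ok(kw, lo=2, hi=4):
    """Guide's rule of thumb: a (KW) should be about 2-4 words long."""
    return lo <= len(kw.split()) <= hi


def build_dork(kw, kw2=None, pp=None, de=None, pt="php",
               quote_kw2=False, group_kw=False, kw2_first=False):
    """Assemble one dork in the guide's order, skipping pieces not given.

    quote_kw2 wraps the modifier in quotes so Google keeps it;
    group_kw wraps the keyword in parentheses, as in the guide's
    DTC example; kw2_first puts the modifier before the keyword.
    """
    parts = []
    if de:
        parts.append(f"site:{de}")
    kw_part = f"({kw})" if group_kw else kw
    if kw2:
        kw2_part = f'"{kw2}"' if quote_kw2 else kw2
        parts += [kw2_part, kw_part] if kw2_first else [kw_part, kw2_part]
    else:
        parts.append(kw_part)
    if pt:
        parts.append(f"ext:{pt}")
    if pp:
        parts.append(f"inurl:{pp}^=")
    return " ".join(parts)


def generate(kws, kw2s=(None,), pps=(None,), des=(None,), **opts):
    """Cartesian product of the lists with the keyword rule applied and
    duplicates removed, order preserved. Keep the lists short (K.I.S.S.):
    len(kws) * len(kw2s) * len(pps) * len(des) dorks come out."""
    seen, out = set(), []
    for kw, kw2, pp, de in itertools.product(kws, kw2s, pps, des):
        if not keyword_ok(kw):
            continue
        dork = build_dork(kw, kw2, pp, de, **opts)
        if dork not in seen:
            seen.add(dork)
            out.append(dork)
    return out


if __name__ == "__main__":
    # Constructed sample lists, not taken from the guide.
    for d in generate(["best keyboards", "video game keyboards"],
                      kw2s=[None, "login"], pps=["id", "category"],
                      quote_kw2=True, group_kw=True):
        print(d)
```

Run it and you get eight dorks; with `build_dork("best keyboards", pp="id")` you get the guide's "Before" string and with `quote_kw2=True, group_kw=True` its "After" string from the Targeting DTC section, which shows the template is the same and only the modifier handling changes.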


Search Functions

Search functions are how we tell Google what to do with the information we give it. For example, the string “Very cool roblox games 2020 php .net ?id=” on its own is useless: without search functions Google treats all of it as keywords instead of the specific instructions we want. It will look for something like Roblox games made in 2020 that have something to do with php, .net and ?id=, whatever that means. Search functions remove the guessing game Google has to play. The three we use:

ext:(PT) Ext stands for extension: we tell Google we are looking for php pages (or things like pdf files), which is far better than hoping Google happens to find a site with a php file in the URL. (PT) stands for page type. Always use php here; asp and aspx are far too old and out of date, so you will only find old, poor sites. (Caveat: that holds for classic .asp, but .aspx is ASP.NET and is still widely deployed. See also New Sites below on omitting ext: entirely.)

inurl:(PP)^= Inurl: requires the given string to appear in the URL. This is used to target (PP) page parameters that directly interface with the database. See Page Parameters.

site:(DE) The simplest of the search functions: it forces Google to only show results for that domain extension (DE), such as com, net or org. Always put this at the beginning of your dork types to avoid proxy banning.
Search Operators

Search operators are a little different from search functions; the main difference is that operators mostly act on keywords rather than on things like page parameters. Look at this dork of mine, which works great: Video Game Keyboards & Keypads best inurl:attachmentid^=. As written, Google is free to interpret Video Game Keyboards & Keypads best loosely. We can change that with quotes, “”. Quotes force Google to find that exact string of words together, as written. This is best used on keyword 2's, since Google will sometimes drop them for making your search too narrow. The operators and how the guide uses them:

“” QUOTES: force everything inside the quotes to be found literally and exactly on the page. This narrows your results down quite a lot, because Google treats every keyword outside quotes as a generalized term.

/ OR: used between keywords to signal that you are looking for multiple things, e.g. roblox games / steam games. This includes results for both roblox games and steam games.

& AND: used to find both sequences on one page, e.g. roblox games & free. This finds roblox games first, then checks whether the page has something to do with being free; if not, the result is removed.

| EITHER OR: affects Google slightly differently than /. Instead of one search for both, it searches for one, then the other, and mixes the results, e.g. best shopping trends 2020 | top ten games: a search for shopping trends, a search for the top ten games, then the two combined.

Search operators can often be a little counterproductive, because normal people rarely use anything beyond the occasional quotes. Google may flag the IPs you parse with and even degrade the results it returns.

Caveat: Google's documented operators are quotes for an exact phrase, OR (also written |), - for exclusion, site:, inurl: and filetype:/ext:, plus * as a placeholder for a whole word inside a quoted phrase. / and & are not documented operators, and Google generally ignores punctuation, so test what each symbol actually changes before you build a workflow on it.

NOTICE: for more information on search operators go Here.
Regex

Regular expressions (shortened to "regex") are special strings representing a pattern to be matched in a search operation. The metacharacters the guide lists:

. DOT: matches any single character (letter, number or symbol)
+ PLUS: matches the preceding character 1 or more times
* ASTERISK: matches the preceding character 0 or more times
? QUESTION MARK: matches the preceding character 0 or 1 times (I don't recommend using it a lot)

Example:

(^ is not regex, but if you put it after inurl:(PP) and before the = it improves your targeting; there is a gap between (PP) and = in the dork type, so you can add it there.)

example:

(KW) ext:php inurl:+**(PP)**^=

[Screenshots in the original compare results WITHOUT REGEX and WITH REGEX.]

Caveat: Google Search does not support regular expressions in queries. Its only wildcard is *, which stands in for a whole word inside a quoted phrase; characters such as ^, + and ? are generally ignored. Differences between the two runs are therefore not regex matching. Where regex does earn its place is locally, when filtering and extracting from parsed URLs (for example in EmEditor).
Page parameters and how to get them

Page parameters (PP) are what we use to interface with the database. They are integral to our dorks because they are how we target the specific parts of a website that could lead to an SQL vulnerability. Page parameters can be found in two major ways: handwriting or scraping. Handwriting is fine to start with, but eventually we want a large list of valid page parameters that not only have a high URL rate but can also lead to actual SQL vulnerabilities. We want our page parameters to ask the database a question; id, for example, asks the site for that page's or product's id number, which triggers a call to the database for that information. When taking parameters scraped from our URLs with Meta Grabber, get rid of the following: 1. anything with an underscore in it; 2. long or excessive page parameters; 3. page parameters that are too unique, such as %252525252525252F%252525252525253Fgm&search. Perfecting your page parameters is a long and daunting task, which is why I recommend starting a txt file of known working page parameters that you can use in future dorks and add to daily. See Page Parameters for more on what page parameters are for. Videos and Tutorials


Keywords

Keywords (KW) are the bread and butter of targeting. They are super important because if you don't have the right string, or it isn't specific enough, you will just get generalized, public results. Compare the screenshots Generalized Keywords vs Slightly More Specific: the more specific query got 44m results while the generalized one got 112m. Being more specific gets you more unique DBs and better targeting all around; it removed around 60 million results that were not ENTIRELY about Roblox. That's a huge chunk gone with only a slight change. Getting keywords can be super easy:

1. Hand write some generalized topics you want to target into a txt file.

2. Run those keywords through dorkr on proxyless to get a list of websites.

3. After parsing those keywords, take the URLs and put them into Meta Grabber.

4. Sort from small to large and remove keywords shorter than 3 words or longer than 6. (The Dork Types section recommends 2-4 words; pick one range and apply it consistently.)

5. Go through and delete all keywords with invalid ASCII, like the ™ symbol and any non-English letters.

6. Enjoy!

Sometimes you can take the single-word keywords that Meta Grabber grabbed and use them as your (KW2), so you can modify your dorks even more! Videos and Tutorials
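Steps 4 and 5 above, together with the three page-parameter rules in the previous section, are list hygiene that is easy to automate. The following is an added example (my own Python, not Meta Grabber or EmEditor) that pulls raw parameter names out of parsed URLs, applies the three rules, ranks the survivors by how often they occur, and cleans a scraped keyword list into (KW) phrases plus single-word (KW2) candidates. The URLs and keywords are constructed; the 20-character cap for "long or excessive" and the letters-and-digits rule for "too unique" are my assumptions, since the guide gives only one example of each.

```python
"""Hygiene for scraped page parameters and keywords.

Added example for this guide; not Meta Grabber's or EmEditor's code.
Sample URLs and keywords are constructed. The length cap and the
"letters and digits only" rule are assumptions standing in for the
guide's "long or excessive" and "too unique" wording.
"""
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed stand-in for "already parsed" URLs.
SAMPLE_URLS = [
    "https://shop.example/products.php?id=42&category=3",
    "https://shop.example/cat.php?id=7&sort=asc",
    "https://shop.example/view.php?product_id=9",
    "https://blog.example/index.php?page=about&%252525252525252F%252525252525253Fgm&search=x",
    "https://forum.example/attachment.php?attachmentid=77",
    "https://cms.example/item.php?extremelylongparameternamethatgoesonforever=1",
]

# Constructed stand-in for the meta keywords Meta Grabber would pull.
SAMPLE_META_KEYWORDS = [
    "Funny Roblox Videos",
    "roblox\u2122 games free",                # trademark sign: invalid ASCII
    "best video game keyboards & keypads",   # 6 words: upper bound
    "gaming",
    "roblox",
    "caf\u00e9 gaming chairs review",        # accented letter
    "funny roblox videos",                   # duplicate differing in case
    "best",
    "roblox games",                          # 2 words: too short
    "the seven word keyword that is too long",
]

# Rule 3 (assumption): a usable name is a letter followed by letters/digits.
PLAIN_NAME = re.compile(r"^[A-Za-z][A-Za-z0-9]*$")


def extract_param_names(urls):
    """Raw parameter names from each query string, left undecoded so that
    percent-encoded junk stays visible to the filter."""
    names = []
    for url in urls:
        for pair in urlsplit(url).query.split("&"):
            if pair:
                names.append(pair.split("=", 1)[0])
    return names


def filter_param_names(names, max_len=20):
    """Apply the guide's three rules; return names ranked by occurrence
    count (high URL rate first), ties broken alphabetically."""
    counts = Counter()
    for name in names:
        if "_" in name:                  # rule 1: anything with an underscore
            continue
        if len(name) > max_len:          # rule 2: long or excessive
            continue
        if not PLAIN_NAME.match(name):   # rule 3: too unique / encoded junk
            continue
        counts[name.lower()] += 1
    return [n for n, _ in sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))]


def good_page_parameters(urls, max_len=20):
    return filter_param_names(extract_param_names(urls), max_len)


def is_plain_ascii(s):
    """Step 5: printable ASCII only, which drops symbols like the
    trademark sign and any accented or non-Latin letters."""
    return all(32 <= ord(ch) < 127 for ch in s)


def clean_keywords(raw, lo=3, hi=6):
    """Return (keywords, kw2_candidates): deduplicated, casefolded phrases
    of lo..hi words sorted small to large (step 4), plus the single-word
    leftovers the guide says can be reused as (KW2) modifiers."""
    seen, keywords, kw2 = set(), [], []
    for item in raw:
        phrase = " ".join(item.split()).casefold()
        if not phrase or not is_plain_ascii(phrase) or phrase in seen:
            continue
        seen.add(phrase)
        words = len(phrase.split())
        if words == 1:
            kw2.append(phrase)
        elif lo <= words <= hi:
            keywords.append(phrase)
    keywords.sort(key=lambda p: (len(p.split()), len(p)))
    return keywords, kw2


if __name__ == "__main__":
    print(good_page_parameters(SAMPLE_URLS))
    print(clean_keywords(SAMPLE_META_KEYWORDS))
```

On the constructed input, product_id falls to rule 1, the percent-encoded name to rules 2 and 3, and the 43-character name to rule 2; id ranks first because it occurs twice. On the keyword side the trademark and accented entries are dropped, the two-word and eight-word phrases fall outside 3-6, the case-variant duplicate collapses, and the three single words come back as (KW2) candidates.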
Do’s And Don’ts
● DO actively try to better yourself in terms of know-how; constantly be on the lookout for Google updates via the support.google.com website.

● DO NOT try to make your dorks overly complicated in an attempt to be unique. Uniqueness belongs in keywords and page parameters; being unique in your dork types can lead to mismatched targeting and generating too many dorks at once.

● DO NOT use page parameters from vuln URLs that you parsed; this leads to repeat URLs and overall lower quality. DO build a DB of all the working page parameters and, over time, collect more unique and higher quality ones.

● DO NOT buy dork packs. Take this analogy: imagine the ocean. You're a fisherman with a pre-made net. You can't make that net any bigger or modify it, and you're only allowed to fish in that one spot. That's what dork packs are.

● DO keep your dork type count low. Too many dork types make it much harder to control quality and can make generating with all of them quite hard once it goes into the millions; try to keep it under 7 dork types.

● DO accept the fact that dork types are public, and so are page parameters.

● DO NOT use VPN parsing. VPN parsing may look good in theory, but Google knows what you're trying to do and feeds you old/unused websites as a result. I understand if you can't afford proxies, I really do, but VPN parsing is mostly a waste of time.
Proxies

Ah yes, proxies: the bane of many people's budgets, from high tier to low tier. Choosing the right proxy can mean either bad results or very, very good results. For example:

1. These were parsed on geonode.com with the 7-day free trial of the private ports. They were by far the highest quality residential proxies I have ever tried, but the price is very high after the $7 trial: about $70 a month for 5 ports, which can only be rotated every 5 minutes at the fastest. As you can tell from the errors and parse time this was no fast parse, but DAMN, look at those links. It took 1 day to fully SQLi test them all, and I got several UHQ databases from only 740 dorks parsed, and only at 10 pages. See below for 2.

2. These were parsed with zenum (I believe) and were roughly the same quality. Notice the URL count: much lower, but still pretty good. URL quality, though, is a different story. The second set's URLs seem more sporadic and unpredictable, because of 1. the location of the proxy and 2. the quality of the proxy. If the proxies are always on and constantly parsing from Google, obviously Google is going to give them worse results, because it simply wants to make bots suffer.

DO NOT VPN PARSE, PLEASE!!! VPN parsing gives public results and websites that were scraped before. Google knows a lot more than you think it does; it will still feed you URLs, but nowhere near the quality you get parsing on semi-good residential proxies. I understand if you can't afford proxies, but doing it this way is mostly a waste of time. Sorry!


Videos and Tutorials
How to get keywords - youtube.com/watch?v=TNIwpLb6yBI

How to grab and filter page parameters - youtube.com/watch?v=T-HuipRc-5Q - Pre-made page parameters (I can't verify their quality, plus they are very public)

How to make dork types - youtube.com/watch?v=l6LURNIXFkI

TBH I don't really want to record a ton of videos, because actually teaching requires me to be there and answer questions on the fly! Kek, go to DMs if you need assistance.
LFI

LFI and RFI (local and remote file inclusion) are currently the newest method for getting at databases and are highly preferred among well-known combolist suppliers. (Caveat: file inclusion is a different bug class from SQL injection; it exposes server-side files, such as configuration files holding database credentials, rather than querying the database directly.) If you plan on being one and want to work with me, contact me on Telegram for tutoring: @tunawithbread. The WP/cPanel method is also super private and liked by experienced crackers.

Checking Dorks
Checking dorks can be an important part of improving your skills: it lets you see which page parameters, dork types and keywords are slowing you down and giving bad results. Once you put your dorks and proxies in, the checker does a simple Google search with each dork to see whether it gets results; if it does, the dork goes into the valid txt, and if it doesn't, into the invalid txt. Checking is very helpful when you don't know what's slowing your dorks down: going through the invalid txt and looking for common mistakes in keywords or dork types will teach you much faster than trial and error.
Getting Good Databases
Oh boy, getting good databases is a pain in the ass for most dorkers, since there isn't really a surefire way to get good DBs. The only thing I can help you with is how to improve your chances.

1. Keywords - Keywords are pretty weird when it comes to getting the good sites. Super unique keywords help, but another thing is targeting sites that are DTC, AKA direct to customer: companies selling directly to real people, which usually means they require logins. You can target these sites by adding keyword 2's like buy, sell, info, shipping, reviews, etc. It's a small way of improving the URLs that come out, as they will usually have login buttons or registration pages.

2. Dork Types - Dork types matter very little for getting good databases. Remember K.I.S.S.: if your dork types are far too complicated, Google knows you're a bot, and when Google knows you're a bot it feeds the proxy poor websites that are old and outdated. You really don't want that, because it wastes bandwidth and your time.

3. PHP and ASP - ASP used to be very widely used, but since then sites have updated and largely stopped using it; while it's a really vulnerable extension, only old sites use it. PHP, on the other hand, is still used by a great many websites. (Caveat: this is about classic .asp; .aspx is ASP.NET and remains common.) Another thing to note: new websites often hide their directories and remove php from the filename, so sometimes not using ext: at all can be better than using it.

4. Page Parameters - Page parameters are how the site interfaces with the database; for more info, watch the video on it. One common mistake is targeting so-called "vulnerable" page parameters. I don't recommend this: if there were such a thing as a vulnerable page parameter, why would any rational site use it? The best way to get good URLs is to NOT use "vulnerable" page parameters, as the sites that show up for them are old and have probably been parsed a million times.

5. Antipublic - Antipublic is the BEST way of getting unique URLs. Running an antipublic removes the public URLs and keeps only the new ones, which saves a bunch of time and removes the ones people have tested a million times before you. Cryoner also has an antipublic module.


New Sites
These days new sites have mostly stopped exposing their directories and hide them from the public eye, for example https://cracked.io/AppleOwnsYou. This is my c.to profile; as you can see, there is no .php or = because the directory is hidden. Keep that in mind when making new dork types: putting ext: in is recommended, but always make a few that don't have it, just in case.
Proxy Location
Proxy location is a pretty cool thing you can use to your advantage. If you want to hit small shops and local sites, you can get super good results by simply using the words “Near Me”. This makes Google use the location of the proxy you are parsing with, so the results become unique to that location, meaning you can target the same thing over and over again from different locations.


Targeting error pages
Targeting error pages on websites can be a way to get vulnerable websites, and fast, but I really don't recommend it, because everything you get from those dorks will already have been hammered thousands of times over. Targeting MySQL error pages is just an all-around bad idea and usually only produces bad URLs.
Targeting DTC
I'm only now starting to experiment with targeting DTC, which simply means sites with a user base that buys from the site, or sites that have any user base at all instead of just hidden admin login pages. One way I have been testing this is putting quotes around separately added new keywords such as login, sign up, client area, sign in, etc. I'm only starting to experiment with this method of targeting sites that already have a user base, but I encourage you to go and find out some methods yourself. An example:

Before: best keyboards ext:php inurl:id^=

After: (best keyboards) "login" ext:php inurl:id^=

What I did there is put parentheses around best keyboards so Google knows it's an independent statement, then put login in quotes so Google is forced to search for it. This works pretty well, ngl. (Caveat: Google's documentation does not describe parentheses as grouping; the quotes are the part with a documented effect.)
