Google Dorks
Google hacking, also named Google dorking, is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites are using. Google dorking could also be used for OSINT.
variable must have a space between the dork! |
---|
site: "domain.com" intitle: index.of |
list: |
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu |
#mysql dump filetype:sql |
#mysql dump filetype:sql 21232f297a57a5a743894a0e4a801fc3 |
allow_call_time_pass_reference "PATH_INFO" |
Certificate Practice Statement inurl:(PDF | DOC) |
Generated by phpSystem |
generated by wwwstat |
Host Vulnerability Summary Report |
HTTP_FROM=googlebot googlebot.com "Server_Software=" |
Index of / "chat/logs" |
Installed Objects Scanner inurl:default.asp |
MacHTTP filetype:log inurl:machttp.log |
Mecury Version "Infastructure Group" |
Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C) ext:log |
Most Submitted Forms and Scripts "this section" |
Network Vulnerability Assessment Report |
not for distribution confidential |
not for public release -.edu -.gov -.mil |
phone * * * "address *" "e-mail" intitle:"curriculum vitae" |
phpMyAdmin "running on" inurl:"main.php" |
produced by getstats |
Request Details "Control Tree" "Server Variables" |
robots.txt "Disallow:" filetype:txt |
Running in Child mode |
sets mode: +p |
sets mode: +s |
Thank you for your order +receipt |
This is a Shareaza Node |
This report was generated by WebLog |
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject |
(intitle:"PRTG Traffic Grapher" inurl:"allsensors")|(intitle:"PRTG Traffic Grapher - Monitoring Results") |
(intitle:WebStatistica inurl:main.php) | (intitle:"WebSTATISTICA server") - |
inurl:statsoft -inurl:statsoftsa -inurl:statsoftinc.com -edu -software -rob |
(inurl:"robot.txt" | inurl:"robots.txt" ) intext:disallow filetype:txt |
+":8080" +":3128" +":80" filetype:txt |
#VALUE! |
-site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp |
94FBR "ADOBE PHOTOSHOP" |
AIM buddy lists |
allinurl:/examples/jsp/snp/snoop.jsp |
allinurl:cdkey.txt |
allinurl:servlet/SnoopServlet |
cgiirc.conf |
cgiirc.conf |
contacts ext:wml |
data filetype:mdb -site:gov -site:mil |
exported email addresses |
ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:"budget approved") inurl:confidential |
ext:asp inurl:pathto.asp |
ext:ccm ccm -catacomb |
ext:CDX CDX |
ext:cgi inurl:editcgi.cgi inurl:file= |
ext:conf inurl:rsyncd.conf -cvs -man |
ext:conf NoCatAuth -cvs |
ext:dat bpk.dat |
ext:DBF DBF |
ext:DCA DCA |
ext:gho gho |
ext:ics ics |
ext:ini intext:env.ini |
ext:jbf jbf |
ext:ldif ldif |
ext:log "Software: Microsoft Internet Information Services ." |
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb |
ext:nsf nsf -gov -mil |
ext:plist filetype:plist inurl:bookmarks.plist |
ext:pqi pqi -database |
ext:reg "username=*" putty |
ext:txt "Final encryption key" |
ext:txt inurl:dxdiag |
ext:vmdk vmdk |
ext:vmx vmx |
filetype:asp DBQ=" * Server.MapPath("*.mdb") |
filetype:bkf bkf |
filetype:blt "buddylist" |
filetype:blt blt +intext:screenname |
filetype:cfg auto_inst.cfg |
filetype:cnf inurl:_vti_pvt access.cnf |
filetype:conf inurl:firewall -intitle:cvs |
filetype:config web.config -CVS |
filetype:ctt Contact |
filetype:ctt ctt messenger |
filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To" |
filetype:fp3 fp3 |
filetype:fp5 fp5 -site:gov -site:mil -"cvs log" |
filetype:fp7 fp7 |
filetype:inf inurl:capolicy.inf |
filetype:lic lic intext:key |
filetype:log access.log -CVS |
filetype:log cron.log |
filetype:mbx mbx intext:Subject |
filetype:myd myd -CVS |
filetype:ns1 ns1 |
filetype:ora ora |
filetype:ora tnsnames |
filetype:pdb pdb backup (Pilot | Pluckerdb) |
filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net |
filetype:pot inurl:john.pot |
filetype:PS ps |
filetype:pst inurl:"outlook.pst" |
filetype:pst pst -from -to -date |
filetype:qbb qbb |
filetype:QBW qbw |
filetype:rdp rdp |
filetype:reg "Terminal Server Client" |
filetype:vcs vcs |
filetype:wab wab |
filetype:xls -site:gov inurl:contact |
filetype:xls inurl:"email.xls" |
Financial spreadsheets: finance.xls |
Financial spreadsheets: finances.xls |
Ganglia Cluster Reports |
haccess.ctl (one way) |
haccess.ctl (VERY reliable) |
ICQ chat logs, please... |
intext:"Session Start * * * ::* *" filetype:log |
intext:"Tobias Oetiker" "traffic analysis" |
intext:(password | passcode) intext:(username | userid | user) filetype:csv |
intext:gmail invite intext:http://gmail.google.com/gmail/a |
intext:SQLiteManager inurl:main.php |
intext:ViewCVS inurl:Settings.php |
intitle:"admin panel" +"Powered by RedKernel" |
intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html) |
intitle:"AppServ Open Project" -site:www.appservnetwork.com |
intitle:"ASP Stats Generator ." "ASP Stats Generator" "2003-2004 weppos" |
intitle:"Big Sister" +"OK Attention Trouble" |
intitle:"curriculum vitae" filetype:doc |
intitle:"edna:streaming mp3 server" -forums |
intitle:"FTP root at" |
intitle:"index of" +myd size |
intitle:"Index Of" -inurl:maillog maillog size |
intitle:"Index Of" cookies.txt size |
intitle:"index of" mysql.conf OR mysql_config |
intitle:"Index of" upload size parent directory |
intitle:"index.of *" admin news.asp configview.asp |
intitle:"index.of" .diz .nfo last modified |
intitle:"Joomla - Web Installer" |
intitle:"LOGREP - Log file reporting system" -site:itefix.no |
intitle:"Multimon UPS status page" |
intitle:"PHP Advanced Transfer" (inurl:index.php | inurl:showrecent.php ) |
intitle:"PhpMyExplorer" inurl:"index.php" -cvs |
intitle:"statistics of" "advanced web statistics" |
intitle:"System Statistics" +"System and Network Information Center" |
intitle:"urchin (5|3|admin)" ext:cgi |
intitle:"Usage Statistics for" "Generated by Webalizer" |
intitle:"wbem" compaq login "Compaq Information Technologies Group" |
intitle:"Web Server Statistics for ****" |
intitle:"web server status" SSH Telnet |
intitle:"Welcome to F-Secure Policy Manager Server Welcome Page" |
intitle:"welcome.to.squeezebox" |
intitle:admin intitle:login |
intitle:Bookmarks inurl:bookmarks.html "Bookmarks |
intitle:index.of "Apache" "server at" |
intitle:index.of cleanup.log |
intitle:index.of dead.letter |
intitle:index.of inbox |
intitle:index.of inbox dbx |
intitle:index.of ws_ftp.ini |
intitle:intranet inurl:intranet +intext:"phone" |
inurl:"/axs/ax-admin.pl" -script |
inurl:"/cricket/grapher.cgi" |
inurl:"bookmark.htm" |
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM |
inurl:"newsletter/admin/" |
inurl:"newsletter/admin/" intitle:"newsletter admin" |
inurl:"putty.reg" |
inurl:"smb.conf" intext:"workgroup" filetype:conf conf |
inurl:*db filetype:mdb |
inurl:/cgi-bin/pass.txt |
inurl:/_layouts/settings |
inurl:admin filetype:xls |
inurl:admin intitle:login |
inurl:backup filetype:mdb |
inurl:build.err |
inurl:cgi-bin/printenv |
inurl:cgi-bin/testcgi.exe "Please distribute TestCGI" |
inurl:changepassword.asp |
inurl:ds.py |
inurl:email filetype:mdb |
inurl:fcgi-bin/echo |
inurl:forum filetype:mdb |
inurl:forward filetype:forward -cvs |
inurl:getmsg.html intitle:hotmail |
inurl:log.nsf -gov |
inurl:main.php phpMyAdmin |
inurl:main.php Welcome to phpMyAdmin |
inurl:netscape.hst |
inurl:netscape.hst |
inurl:netscape.ini |
inurl:odbc.ini ext:ini -cvs |
inurl:perl/printenv |
inurl:php.ini filetype:ini |
inurl:preferences.ini "[emule]" |
inurl:profiles filetype:mdb |
inurl:report "EVEREST Home Edition " |
inurl:server-info "Apache Server Information" |
inurl:server-status "apache" |
inurl:snitz_forums_2000.mdb |
inurl:ssl.conf filetype:conf |
inurl:tdbin |
inurl:vbstats.php "page generated" |
inurl:wp-mail.php + "There doesn't seem to be any new mail." |
inurl:XcCDONTS.asp |
ipsec.conf |
ipsec.secrets |
ipsec.secrets |
Lotus Domino address books |
mail filetype:csv -site:gov intext:name |
Microsoft Money Data Files |
mt-db-pass.cgi files |
MySQL tabledata dumps |
mystuff.xml - Trillian data files |
OWA Public Folders (direct view) |
Peoples MSN contact lists |
php-addressbook "This is the addressbook for *" -warning |
phpinfo() |
phpMyAdmin dumps |
phpMyAdmin dumps |
private key files (.csr) |
private key files (.key) |
Quicken data files |
rdbqds -site:.edu -site:.mil -site:.gov |
robots.txt |
site:edu admin grades |
site:www.mailinator.com inurl:ShowMail.do |
SQL data dumps |
Squid cache server reports |
Unreal IRCd |
WebLog Referrers |
Welcome to ntop! |
Last updated