Dorking
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Last updated
Was this helpful?
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Last updated
Was this helpful?
Was this helpful?
Config Files:
site:[TARGET] ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:env | ext:inisite:[TARGET] ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:env | ext:iniDatabase files
site:[TARGET] ext:sql | ext:db | ext:dbf | ext:mdb | ext:sql.gz | ext:sql.gz | ext:db.gz | ext:db.gzBackup files
site:[TARGET] ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup.git folder
inurl:"/.git" [TARGET] -site:github.comExposed Document
site:[TARGET] ext:doc | ext:docx | ext:odt | ext:pdf | ext:rtf | ext:sxw | ext:psw | ext:ppt | ext:pptx | ext:pps | ext:csvSQL Errors
site:[TARGET] AND (intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"incorrect syntax near" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()" | intext:"Warning: mysql_query()" | intext:"Warning: pg_connect()")PHP errors
site:[TARGET] AND ("PHP Parse error" | "PHP Warning" | "PHP Error")
site:[TARGET] "Index of" inurl:phpmyadminLogin pages
site:[TARGET] AND (inurl:signup | inurl:login | inurl:register | intitle:Signup)Open Redirects
site:[TARGET] AND (inurl:redir | inurl:url | inurl:redirect | inurl:return | inurl:location | inurl:next | inurl:dest | inurl:src=http | inurl:r=http)Apache Struts RCE
site:[TARGET] AND (ext:action | ext:struts | ext:do)Wordpress files
site:[TARGET] AND (inurl:wp-content | inurl:wp-includes)
site:[TARGET] inurl:wp-config.php intext:DB_PASSWORD
site:[TARGET] intitle:"Index of" wp-adminOther Files
site:[TARGET] AND (intitle:index.of | ext:log | ext:php intitle:phpinfo "published by the PHP Group" | inurl:shell | inurl:backdoor | inurl:wso | inurl:cmd | shadow | passwd | boot.ini | inurl:backdoor | inurl:readme | inurl:license | inurl:install | inurl:setup | inurl:config | inurl:"/phpinfo.php" | inurl:".htaccess" | ext:swf)
--------------------------------------------------------------------------------
site:[TARGET] AND (ext:env | ext:log | ext:sql | ext:yml | ext:pem | ext:ini | ext:logs | ext:ibd | ext:txt | ext:php.txt | ext:old | ext:key | ext:frm | ext:bak | ext:zip | ext:swp | ext:conf | ext:db | ext:config | ext:ovpn | ext:svn | ext:git | ext:cfg | ext:exs | ext:dbf | ext:mdb | ext:pem | ext:pub | ext:yaml | ext:zip | ext:asc | ext:xls | ext:xlsx")Credentials in Trello
inurl:trello.com AND intext:[TARGET]Zoom
inurl:http://zoom.us/j [TARGET]
inurl:http://zoom.us/j intext:password [TARGET]
inurl:http://zoom.us/j intext:id# [TARGET]Ciphermail Login
site:*.target.com intext:"CipherMail Email Encryption Gateway login"Various Services
site:sharepoint.com [TARGET]
site:box.com/s [TARGET]
site:dropbox.com/s [TARGET]
site:onedrive.live.com [TARGET]
site:docs.google.com inurl:"/d/" [TARGET]
site:[TARGET] inurl:Dashboard.jspa intext:"Atlassian Jira Project Management Software"Linkedin employees
site:linkedin.com employees [TARGET]AWS S3 Buckets
intext:[TARGET] AND (site:"s3-external-1.amazonaws.com" | site:"s3.amazonaws.com")
---------------------------------
intext:[TARGET] AND (site:s3.af-south-1.amazonaws.com | site:s3.ap-east-1.amazonaws.com | site:s3.ap-northeast-1.amazonaws.com | site:s3.ap-northeast-2.amazonaws.com | site:s3.ap-northeast-3.amazonaws.com | site:s3.ap-south-1.amazonaws.com | site:s3.ap-south-2.amazonaws.com | site:s3.ap-southeast-1.amazonaws.com | site:s3.ap-southeast-2.amazonaws.com | site:s3.ap-southeast-3.amazonaws.com | site:s3.ap-southeast-4.amazonaws.com | site:s3.ca-central-1.amazonaws.com | site:s3.eu-central-1.amazonaws.com | site:s3.eu-central-2.amazonaws.com | site:s3.eu-north-1.amazonaws.com | site:s3.eu-south-1.amazonaws.com | site:s3.eu-south-2.amazonaws.com | site:s3.eu-west-1.amazonaws.com | site:s3.eu-west-2.amazonaws.com | site:s3.eu-west-3.amazonaws.com | site:s3.me-central-1.amazonaws.com | site:s3.me-south-1.amazonaws.com | site:s3.sa-east-1.amazonaws.com | site:s3.us-east-1.amazonaws.com | site:s3.us-east-2.amazonaws.com | site:s3.us-gov-east-1.amazonaws.com | site:s3.us-gov-west-1.amazonaws.com | site:s3.us-west-1.amazonaws.com | site:s3.us-west-2.amazonaws.com)
-------------------------------------------------------------------------------------
intext:[TARGET] AND (site:s3.dualstack.af-south-1.amazonaws.com | site:s3.dualstack.ap-east-1.amazonaws.com | site:s3.dualstack.ap-northeast-1.amazonaws.com | site:s3.dualstack.ap-northeast-2.amazonaws.com | site:s3.dualstack.ap-northeast-3.amazonaws.com | site:s3.dualstack.ap-south-1.amazonaws.com | site:s3.dualstack.ap-south-2.amazonaws.com | site:s3.dualstack.ap-southeast-1.amazonaws.com | site:s3.dualstack.ap-southeast-2.amazonaws.com | site:s3.dualstack.ap-southeast-3.amazonaws.com | site:s3.dualstack.ap-southeast-4.amazonaws.com | site:s3.dualstack.ca-central-1.amazonaws.com | site:s3.dualstack.eu-central-1.amazonaws.com | site:s3.dualstack.eu-central-2.amazonaws.com | site:s3.dualstack.eu-north-1.amazonaws.com | site:s3.dualstack.eu-south-1.amazonaws.com | site:s3.dualstack.eu-south-2.amazonaws.com | site:s3.dualstack.eu-west-1.amazonaws.com | site:s3.dualstack.eu-west-2.amazonaws.com | site:s3.dualstack.eu-west-3.amazonaws.com | site:s3.dualstack.me-central-1.amazonaws.com | site:s3.dualstack.me-south-1.amazonaws.com | site:s3.dualstack.sa-east-1.amazonaws.com | site:s3.dualstack.us-east-1.amazonaws.com | site:s3.dualstack.us-east-2.amazonaws.com | site:s3.dualstack.us-gov-east-1.amazonaws.com | site:s3.dualstack.us-gov-west-1.amazonaws.com | site:s3.dualstack.us-west-1.amazonaws.com | site:s3.dualstack.us-west-2.amazonaws.com)Azure
site:"blob.core.windows.net" AND intext:[TARGET]
site:"storage.googleapis.com" AND intext:[TARGET]
site:"digitaloceanspaces.com" [TARGET]
site:github.com | site:gitlab.com | site:bitbucket.org [TARGET]
site:"dev.azure.com" AND intext:secret
site:"dev.azure.com" AND intext:password
site:"dev.azure.com" AND intext:apikey
Various Services
site:stackoverflow.com AND intext:"[TARGET]"
site:jfrog.io AND intext:"[TARGET]"
[TARGET]
intitle:traefik inurl:8080/dashboard [TARGET]
intitle:"Dashboard [Jenkins]" [TARGET]
(site:bitpaste.app | site:codebeautify.org | site:codepad.co | site:codepad.co |site:ideone.com | site:codepad.org | site:codepen.io | site:codeshare.io | site:coggle.it | site:controlc.com | site:dotnetfiddle.net | site:dpaste.com | site:dpaste.org | site:gitter.im | site:hastebin.com | site:heypasteit.com | site:ide.geeksforgeeks.org | site:ideone.com | site:jsdelivr.com | site:jsdelivr.net | site:jsfiddle.net) AND "[TARGET]"
(site:justpaste.it | site:libraries.io | site:npmjs.com | site:npm.runit.com | site:npm.runkit.com | site:papaly.com | site:paste2.org | site:pastebin.com | site:paste.debian.net | site:pastehtml.com | site:paste.org | site:phpfiddle.org | site:prezi.com | site:productforums.google.com | site:repl.it | site:replt.it | site:scribd.com | site:sharecode.io | site:snipplr.com | site:trello.com | site:ycombinator.com) AND "[TARGET]"
Vulnerable web servers
inurl:/proc/self/cwd
inurl:/proc/self/environ # environment variables on a websiteSQL
"index of" "database.sql.zip" | filetype:sql intext:password
ext:sql | ext:dbf | ext:mdb
intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"incorrect syntax near" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()" | intext:"Warning: mysql_query()" | intext:"Warning: pg_connect()"
site:target.com intitle:”index of” db_backup.sql | db.sql | database.sql | sql | .sql.gz | .sql.bz2WordPress
intitle:"Index of" wp-admincgi-bin
inurl:/cgi-bin/
inurl:/cgi-bin/ + intext:”User ID” + intext:”Password”
inurl:/cgi-bin/login.cgiJuicy files/Pages
intext:"budget approved") inurl:confidential
#### Apache2
intitle:"Apache2 Ubuntu Default Page: It works"
#### Zoom Videos
inurl:zoom.us/j AND intext:"scheduled for"
#### SSH private keys
intitle:index.of id_rsa -id_rsa.pub
intitle:"Index of /" ".ssh"
#### email list
filetype:xls inurl:"email.xls"
#### ENV files
inurl:.env | filetype:.env | ext:env
filetype:env intext:DB_USERNAME
intitle:"index of"
inurl:"/private"
intitle:"index of" "local.json"
Fwd: intitle:"Index of /" intext:"resource/"
filetype:xls + password + inurl:.com
site:gov.* intitle:"index of" *.pptx
docs.google.com/spreadsheets
"microsoft internet information services" ext:log
inurl:src/viewcvs.cgi/log/.c?=
intitle:"welcome.to.squeezebox"
intitle:"index of" "mysql.properties"
inurl: /wp-content/uploads/ inurl:"robots.txt" "Disallow:" filetype:txt
inurl:"/horde/test.php"
filetype:gitattributes intext:CHANGELOG.md -site:github.com
ext:txt | ext:log | ext:cfg | ext:yml "administrator:500:"
intitle: index of "*db.tar.gz"
inurl:admin filetype:xlsx site:gov.*
Index of" intext:"source_code.zip
inurl:"htaccess|passwd|shadow|htusers"
“config.yml” | intitle:”index of” “config.yml”
intitle:"index of" "config.txt"
inurl:/wp-content/uploads/wpo_wcpdf
intext:"ArcGIS REST Services Directory" intitle:"Folder: /"
allintitle:"macOS Server" site:.edu
inurl:wp-content/uploads/sites
intitle:"index of" "private.properties"
intitle:"SCM Manager" intext:1.60
intitle:"index of" "profiler"
intitle:"index of" "main.yml"
intitle:"Index of" inurl:/backup/ "admin.zip"
intitle:"index of" google-maps-api
intitle:"index of" github-api
inurl:uploadimage.php
intitle: "index of" "/backup.sql"
intitle:"Sharing API Info"
inurl:user intitle:"Drupal" intext:"Log in" -"powered by"
inurl: /libraries/joomla/database/
"web.config" | inurl:/conf/ | "error_log"
intitle:"Index of /" + ".htaccess"
intitle:"index of /.git" "paren directory"
inurl:Makefile.toml
#### Govermment documentss
allintitle: restricted filetype:doc site:gov
#### pdf files
intitle: index of pdf | ext:pdf | inurl:.pdf
filetype:pdf “Confidential” | “Secret” | “Classified”
Endpoints
ext:php | ext:asp | ext:aspx | ext:jsp | ext:asp | ext:pl | ext:cfm | ext:py | ext:rb
ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini | ext:yaml | ext:yml | ext:rdp | ext:ora | ext:bak | ext:log | ext:config
(ext:doc | ext:pdf | ext:xls | ext:txt | ext:ps | ext:rtf | ext:odt | ext:sxw | ext:psw | ext:ppt | ext:pps | ext:xml) intext:confidential salary Panels/Dashboards
inurl:/admin/login.php
inurl:_cpanel/forgotpwd
#### Jira/Kabana
inurl:Dashboard.jspa intext:"Atlassian Jira Project Management Software"
inurl:app/kibana intext:Loading Kibana
intext:("Sign in" | "Sign in to" | "Log in" | "Log in to")
intitle:login
"inurl:admin.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
"inurl:adminhome.asp"
"inurl:admin_login.asp"
"inurl:administratorlogin.asp"
"inurl:login/administrator.asp"
"inurl:administrator_login.asp
"inurl:admin.php"
"inurl:login/admin.php"
"inurl:admin/login.php"
"inurl:adminlogin.php"
"inurl:adminhome.php"
"inurl:admin_login.php"
"inurl:administratorlogin.php"
"inurl:login/administrator.php"
"inurl:administrator_login.php
admin1.php
admin1.html
admin2.php
admin2.html
yonetim.php
yonetim.html
yonetici.php
yonetici.html
adm/
admin/
admin/account.php
admin/account.html
admin/index.php
admin/index.html
admin/login.php
admin/login.html
admin/home.php
admin/controlpanel.html
admin/controlpanel.php
admin.php
admin.html
admin/cp.php
admin/cp.html
cp.php
cp.html
administrator/
administrator/index.html
administrator/index.php
administrator/login.html
administrator/login.php
administrator/account.html
administrator/account.php
administrator.php
administrator.html
login.php
login.html
modelsearch/login.php
moderator.php
moderator.html
moderator/login.php
moderator/login.html
moderator/admin.php
moderator/admin.html
moderator/
account.php
account.html
controlpanel/
controlpanel.php
controlpanel.html
admincontrol.php
admincontrol.html
adminpanel.php
adminpanel.html
admin1.asp
admin2.asp
yonetim.asp
yonetici.asp
admin/account.asp
admin/index.asp
admin/login.asp
admin/home.asp
admin/controlpanel.asp
admin.asp
admin/cp.asp
cp.asp
administrator/index.asp
administrator/login.asp
administrator/account.asp
administrator.asp
login.asp
modelsearch/login.asp
moderator.asp
moderator/login.asp
moderator/admin.asp
account.asp
controlpanel.asp
admincontrol.asp
adminpanel.asp
fileadmin/
fileadmin.php
fileadmin.asp
fileadmin.html
administration/
administration.php
administration.html
sysadmin.php
sysadmin.html
phpmyadmin/
myadmin/
sysadmin.asp
sysadmin/
ur-admin.asp
ur-admin.php
ur-admin.html
ur-admin/
Server.php
Server.html
Server.asp
Server/
wp-admin/
administr8.php
administr8.html
administr8/
administr8.asp
webadmin/
webadmin.php
webadmin.asp
webadmin.html
administratie/
admins/
admins.php
admins.asp
admins.html
administrivia/
Database_Administration/
WebAdmin/
useradmin/
sysadmins/
admin1/
system-administration/
administrators/
pgadmin/
directadmin/
staradmin/
ServerAdministrator/
SysAdmin/
administer/
LiveUser_Admin/
sys-admin/
typo3/
panel/
cpanel/
cPanel/
cpanel_file/
platz_login/
rcLogin/
blogindex/
formslogin/
autologin/
support_login/
meta_login/
manuallogin/
simpleLogin/
loginflat/
utility_login/
showlogin/
memlogin/
members/
login-redirect/
sub-login/
wp-login/
login1/
dir-login/
login_db/
xlogin/
smblogin/
customer_login/
UserLogin/
login-us/
acct_login/
admin_area/
bigadmin/
project-admins/
phppgadmin/
pureadmin/
sql-admin/
radmind/
openvpnadmin/
wizmysqladmin/
vadmind/
ezsqliteadmin/
hpwebjetadmin/
newsadmin/
adminpro/
Lotus_Domino_Admin/
bbadmin/
vmailadmin/
Indy_admin/
ccp14admin/
irc-macadmin/
banneradmin/
sshadmin/
phpldapadmin/
macadmin/
administratoraccounts/
admin4_account/
admin4_colon/
radmind-1/
Super-Admin/
AdminTools/
cmsadmin/
SysAdmin2/
globes_admin/
cadmins/
phpSQLiteAdmin/
navSiteAdmin/
server_admin_small/
logo_sysadmin/
server/
database_administration/
power_user/
system_administration/
ss_vms_admin_sm/PHPINFO | PHPMYADMIN
intitle:”phpinfo()” | inurl:/phpmyadmin/ | inurl:server-status
intext:”Powered by” AND intext:”PHP Version”
ext:php intitle:phpinfo "published by the PHP Group"
"Index of" inurl:phpmyadmin | inurl:phpmyadmin | intitle:phpmyadmininurl /bug bounty
inurl : / security
inurl:security.txt
inurl:security "reward"
inurl : /responsible disclosure
inurl : /responsible-disclosure/ reward
inurl : / responsible-disclosure/ swag
inurl : / responsible-disclosure/ bounty
inurl:'/responsible disclosure' hoodie
responsible disclosure swag r=h:com
responsible disclosure hall of fame
responsible disclosure europe
responsible disclosure white hat
white hat program
insite:"responsible disclosure" -inurl:nl
intext responsible disclosure
site eu responsible disclosure
site .nl responsible disclosure
site responsible disclosure
responsible disclosure:sites
responsible disclosure r=h:nl
responsible disclosure r=h:uk
responsible disclosure r=h:eu
responsible disclosure bounty r=h:nl
responsible disclosure bounty r=h:uk
responsible disclosure bounty r=h:eu
responsible disclosure swag r=h:nl
responsible disclosure swag r=h:uk
responsible disclosure swag r=h:eu
responsible disclosure reward r=h:nl
responsible disclosure reward r=h:uk
responsible disclosure reward r=h:eu
"powered by bugcrowd" -site:bugcrowd.com
"submit vulnerability report"
site:*.gov.* "responsible disclosure"
intext:"we take security very seriously"
site:responsibledisclosure.com
inurl:'vulnerability-disclosure-policy' reward
intext:Vulnerability Disclosure site:nl
intext:Vulnerability Disclosure site:eu
site:*.*.nl intext:security report reward
site:*.*.nl intext:responsible disclosure reward
"security vulnerability" "report"
inurl"security report"
"responsible disclosure" university
inurl:/responsible-disclosure/ university
buy bitcoins "bug bounty"
inurl:/security ext:txt "contact"
"powered by synack"
intext:responsible disclosure bounty
inurl: private bugbountyprogram
inurl:/.well-known/security ext:txt
inurl:/.well-known/security ext:txt intext:hackerone
inurl:/.well-known/security ext:txt -hackerone -bugcrowd -synack -openbugbounty
inurl:reporting-security-issues
inurl:security-policy.txt ext:txt
site:*.*.* inurl:bug inurl:bounty
site:help.*.* inurl:bounty
site:support.*.* intext:security report reward
intext:security report monetary inurl:security
intext:security report reward inurl:report
site:security.*.* inurl: bounty
site:*.*.de inurl:bug inurl:bounty
site:*.*.uk intext:security report reward
site:*.*.cn intext:security report reward
"vulnerability reporting policy"
"van de melding met een minimum van een" -site:responsibledisclosure.nl
inurl:/security ext:txt "contact"
inurl:responsible-disclosure-policy
"If you believe you've found a security vulnerability"
intext:"BugBounty" and intext:"BTC" and intext:"reward"
intext:bounty inurl:/security
inurl:"bug bounty" and intext:"€" and inurl:/security
inurl:"bug bounty" and intext:"$" and inurl:/security
inurl:"bug bounty" and intext:"INR" and inurl:/security
inurl:/security.txt "mailto*" -github.com -wikipedia.org -portswigger.net -magento
/trust/report-a-vulnerability
site:*.edu intext:security report vulnerability
"cms" bug bounty
"If you find a security issue" "reward"
"responsible disclosure" intext:"you may be eligible for monetary compensation"
inurl: "responsible disclosure", "bug bounty", "bugbounty"
responsible disclosure inurl:in
site:*.br responsible disclosure
site:*.at responsible disclosure
site:*.be responsible disclosure
site:*.au responsible disclosureSingle Dorks
site:[TARGET] inurl:_cpanel/forgotpwd
site:[TARGET] inurl:/proc/self/cwd
site:[TARGET] inurl:/etc/
site:[TARGET] filename:constants
site:[TARGET] filename:settings
site:[TARGET] filename:database
site:[TARGET] filename:config
site:[TARGET] filename:environment
site:[TARGET] filename:spec
site:[TARGET] filename:zhrc
site:[TARGET] filename:bash
site:[TARGET] filename:npmrc
site:[TARGET] filename:dockercfg
site:[TARGET] filename:pass
site:[TARGET] filename:global
site:[TARGET] filename:credentials
site:[TARGET] filename:connections
site:[TARGET] filename:s3cfg
site:[TARGET] filename:wp-config
site:[TARGET] filename:htpasswd
site:[TARGET] filename:git-credentials
site:[TARGET] filename:id_dsa
site:[TARGET] filename:id_rsa
site:[TARGET] extension:env
site:[TARGET] extension:cfg
site:[TARGET] extension:ini
site:[TARGET] language:yaml -filename:travis
site:[TARGET] extension:properties
site:[TARGET] extension:bat
site:[TARGET] extension:sh
site:[TARGET] extension:zsh
site:[TARGET] extension:pem
site:[TARGET] extension:ppk
site:[TARGET] extension:sql
site:[TARGET] extension:json
site:[TARGET] extension:xml
site:[TARGET] filename:bash_history
site:[TARGET] filename:bash_profile
site:[TARGET] filename:bashrc
site:[TARGET] filename:cshrc
site:[TARGET] filename:history
site:[TARGET] filename:netrc
site:[TARGET] filename:pgpass
site:[TARGET] filename:tugboat
site:[TARGET] filename:dhcpd.conf
site:[TARGET] filename:express.conf
site:[TARGET] filename:filezilla.xml
site:[TARGET] filename:idea14.key
site:[TARGET] filename:makefile
site:[TARGET] filename:gitconfig
site:[TARGET] filename:prod.exs
site:[TARGET] filename:prod.secret.exs
site:[TARGET] filename:proftpdpasswd
site:[TARGET] filename:recentservers.xml
site:[TARGET] filename:robomongo.json
site:[TARGET] filename:server.cfg
site:[TARGET] filename:shadow
site:[TARGET] filename:sshd_config
site:[TARGET] filename:known_hosts
site:[TARGET] filename:wp-config.php
site:[TARGET] filename:.env
site:[TARGET] filename:hub
site:[TARGET] filename:.netrc
site:[TARGET] filename:_netrc
site:[TARGET] filename:ventrilo_srv.ini
site:[TARGET] filename:dbeaver-data-sources.xml
site:[TARGET] filename:sftp-config.json
site:[TARGET] filename:.esmtprc password
site:[TARGET] filename:.remote-sync.json
site:[TARGET] filename:WebServers.xml
site:[TARGET] staging
site:[TARGET] stg
site:[TARGET] prod
site:[TARGET] preprod
site:[TARGET] swagger
site:[TARGET] internal
site:[TARGET] dotfiles
site:[TARGET] dot-files
site:[TARGET] mydotfiles
site:[TARGET] config
site:[TARGET] dbpasswd
site:[TARGET] db_password
site:[TARGET] db_username
site:[TARGET] dbuser
site:[TARGET] testuser
site:[TARGET] dbpassword
site:[TARGET] keyPassword
site:[TARGET] storePassword
site:[TARGET] passwords
site:[TARGET] password
site:[TARGET] secret.password
site:[TARGET] database_password
site:[TARGET] sql_password
site:[TARGET] passwd
site:[TARGET] pass
site:[TARGET] pwd
site:[TARGET] pwds
site:[TARGET] root_password
site:[TARGET] credentials
site:[TARGET] security_credentials
site:[TARGET] connectionstring
site:[TARGET] private -language:java
site:[TARGET] private_key
site:[TARGET] master_key
site:[TARGET] token
site:[TARGET] access_token
site:[TARGET] auth_token
site:[TARGET] oauth_token
site:[TARGET] authorizationToken
site:[TARGET] secret
site:[TARGET] secrets
site:[TARGET] secret_key
site:[TARGET] secret_token
site:[TARGET] api_secret
site:[TARGET] app_secret
site:[TARGET] appsecret
site:[TARGET] client_secret
site:[TARGET] key
site:[TARGET] send_keys
site:[TARGET] send.keys
site:[TARGET] sendkeys
site:[TARGET] apikey
site:[TARGET] api_key
site:[TARGET] app_key
site:[TARGET] application_key
site:[TARGET] appkey
site:[TARGET] appkeysecret
site:[TARGET] access_key
site:[TARGET] apiSecret
site:[TARGET] x-api-key
site:[TARGET] apidocs
site:[TARGET] secret_access_key
site:[TARGET] encryption_key
site:[TARGET] consumer_key
site:[TARGET] auth
site:[TARGET] secure
site:[TARGET] login
site:[TARGET] conn.login
site:[TARGET] sshpass
site:[TARGET] ssh2_auth_password
site:[TARGET] irc_pass
site:[TARGET] fb_secret
site:[TARGET] sf_username
site:[TARGET] node_env
site:[TARGET] aws_key
site:[TARGET] aws_token
site:[TARGET] aws_secret
site:[TARGET] aws_access
site:[TARGET] AWSSecretKey
site:[TARGET] github_key
site:[TARGET] github_token
site:[TARGET] gh_token
site:[TARGET] slack_api
site:[TARGET] slack_token
site:[TARGET] bucket_password
site:[TARGET] redis_password
site:[TARGET] ldap_username
site:[TARGET] ldap_password
site:[TARGET] gmail_username
site:[TARGET] gmail_password
site:[TARGET] codecov_token
site:[TARGET] fabricApiSecret
site:[TARGET] mailgun
site:[TARGET] mailchimp
site:[TARGET] appspot
site:[TARGET] firebase
site:[TARGET] gitlab
site:[TARGET] stripe
site:[TARGET] herokuapp
site:[TARGET] cloudfront
site:[TARGET] amazonaws
site:[TARGET] npmrc _auth
site:[TARGET] pem private
site:[TARGET] aws_access_key_id
site:[TARGET] bashrc password
site:[TARGET] xoxp OR xoxb OR xoxa
site:[TARGET] FTP
site:[TARGET] s3.yml
site:[TARGET] .exs
site:[TARGET] beanstalkd.yml
site:[TARGET] deploy.rake
site:[TARGET] mysql
site:[TARGET] .bash_history
site:[TARGET] .sls
site:[TARGET] composer.jsonfilename:.npmrc _auth
site:[TARGET] filename:.dockercfg auth
site:[TARGET] extension:pem private
site:[TARGET] extension:ppk private
site:[TARGET] filename:id_rsa or filename:id_dsa
site:[TARGET] extension:sql mysql dump
site:[TARGET] extension:sql mysql dump password
site:[TARGET] filename:credentials aws_access_key_id
site:[TARGET] filename:.s3cfg
site:[TARGET] filename:.htpasswd
site:[TARGET] filename:.env DB_USERNAME NOT homestead
site:[TARGET] filename:.env MAIL_HOST=smtp.gmail.com
site:[TARGET] filename:.git-credentials
site:[TARGET] PT_TOKEN language:bash
site:[TARGET] filename:.bashrc password
site:[TARGET] filename:.bashrc mailchimp
site:[TARGET] filename:.bash_profile aws
site:[TARGET] rds.amazonaws.com password
site:[TARGET] extension:json api.forecast.io
site:[TARGET] extension:json mongolab.com
site:[TARGET] extension:yaml mongolab.com
site:[TARGET] jsforce extension:js conn.login
site:[TARGET] SF_USERNAME salesforce
site:[TARGET] filename:.tugboat NOT _tugboat
site:[TARGET] HEROKU_API_KEY language:shell
site:[TARGET] HEROKU_API_KEY language:json
site:[TARGET] filename:.netrc password
site:[TARGET] filename:_netrc password
site:[TARGET] filename:hub oauth_token
site:[TARGET] filename:filezilla.xml Pass
site:[TARGET] filename:recentservers.xml Pass
site:[TARGET] filename:config.json auths
site:[TARGET] filename:config irc_pass
site:[TARGET] filename:connections.xml
site:[TARGET] filename:express.conf path:.openshift
site:[TARGET] filename:.pgpass
site:[TARGET] [WFClient] Password= extension:ica
site:[TARGET] filename:server.cfg rcon password
site:[TARGET] JEKYLL_GITHUB_TOKEN
site:[TARGET] filename:.bash_history
site:[TARGET] filename:.cshrc
site:[TARGET] filename:.history
site:[TARGET] filename:.sh_history
site:[TARGET] filename:prod.exs NOT prod.secret.exs
site:[TARGET] filename:configuration.php JConfig password
site:[TARGET] filename:config.php dbpasswd
site:[TARGET] filename:config.php pass
site:[TARGET] path:sites databases password
site:[TARGET] shodan_api_key language:python
site:[TARGET] shodan_api_key language:shell
site:[TARGET] shodan_api_key language:json
site:[TARGET] shodan_api_key language:ruby
site:[TARGET] filename:shadow path:etc
site:[TARGET] filename:passwd path:etc
site:[TARGET] extension:avastlic "support.avast.com"
site:[TARGET] extension:json googleusercontent client_secret
site:[TARGET] HOMEBREW_GITHUB_API_TOKEN language:shell
site:[TARGET] xoxp OR xoxb
site:[TARGET] .mlab.com password
site:[TARGET] filename:logins.json
site:[TARGET] filename:CCCam.cfg
site:[TARGET] msg nickserv identify filename:config
site:[TARGET] filename:settings.py SECRET_KEY
site:[TARGET] filename:secrets.yml password
site:[TARGET] filename:master.key path:config
site:[TARGET] filename:deployment-config.json
site:[TARGET] filename:.ftpconfig
site:[TARGET] filename:sftp.json path:.vscode
site:[TARGET] filename:jupyter_notebook_config.json
site:[TARGET] "api_hash" "api_id"
site:[TARGET] "https://hooks.slack.com/services/"
site:[TARGET] filename:github-recovery-codes.txt
site:[TARGET] filename:gitlab-recovery-codes.txt
site:[TARGET] filename:discord_backup_codes.txt
site:[TARGET] extension:yaml cloud.redislabs.com
site:[TARGET] extension:json cloud.redislabs.com
site:[TARGET] stage
site:[TARGET] _key
site:[TARGET] _token
site:[TARGET] _secret
site:[TARGET] TODO
site:[TARGET] signup
site:[TARGET] register
site:[TARGET] admin
site:[TARGET] administrator
site:[TARGET] testing
site:[TARGET] extension:exs
site:[TARGET] extension:sls
site:[TARGET] filename:beanstalkd.yml
site:[TARGET] filename:deploy.rake
site:[TARGET] filename:composer.json
site:[TARGET] filename:composer.lock
site:[TARGET] ftp
site:[TARGET] ssh
# Keywords
pass
pwd
secret
key
private
credentials
dbpassword
token
-------------------------------------
org:
“paypal” language:python password NOT sandbox.paypal NOT api.paypal NOT www.paypal NOT gmail.com NOT yahoo.com NOT hotmail.com NOT test
--------------------------------------------------
user:
bugcrowd linkedin user:orwagodfather linkedin user:orwagodfather full name user:orwagodfather https:// user:orwagodfather Ldap
---------------------------------------------------------------
# internal links
org:bugcrowd https://
org:bugcrowd host:
# Some Dorks
org:lemonade-hq ( token: OR pass: OR secret: OR api_key: OR acess_token: )# Basic
ssl:"<ssl_for_target>"
ssl.cert.subject.CN:"<specific_hos_name_>"
ssl.cert.subject.CN:"<specific_hos_name_>" -http.title:"<title>"
tesla.com.cn
# Exposed Ports
"X-Jenkins" "Set-Cookie: JSESSIONID" http.title:"Dashboard"
port:"11211" product:"Memcached"
port:"25" product:"exim"
port:"23"
openssh port:22
"220" "230 Login successful." port:21
proftpd port:21
# Databases
MongoDB Server Information" port:27017 -authentication
Set-Cookie: mongo-express=" "200 OK"
mysql port:"3306"
port:"9200" all:"elastic indices"
port:5432 PostgreSQL
Port:5985,6984
Port:9042,9160
port:8291 os:"MikroTik RouterOS 6.45.9"
port:5006,5007 product:mitsubishi
org:"xx" 200 http.favicon.hash:1428702434 # IDRAC servers try this credentials Username: root Password: calvin
