Continuing what was left the last time around. This is a list of Google Dorks that you will find helpful in your activities. Now, there may be some that I have found online and added them here as I found them useful. If you posted it somewhere else and want me to remove it, let me know.
I also maintain an interesting page that deals with Shodan Queries. Feel free to check it out.
- allintext: “Pixie Powered”
- “script_filename” “HTTP Headers Information” “allow_url_fopen” ext:php
- intitle:”Index of” “/ .WNCRY”
- inurl:/help/readme.nsf intitle:”release notes” intitle:domino
- “Apache Server Status for” “Server Version” -“How to” -Guide -Tuning
- inurl:”/web.config” ext:config
- inurl:logs/gravityforms
- “not for public release” filetype:pdf
- “pcANYWHERE EXPRESS Java Client”
- wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin
- filetype:pem “PRIVATE KEY”
- inurl:/t/ (portal OR intranet OR login)
- intitle:”index of” “places.sqlite” “key3.db” -mozilla.org
- inurl:”?db_backup” | inurl:”dbbackup” -site:http://github.com “sql.gz” | “sql.tgz” | “sql.tar” | “sql.7z”
- inurl:.php? intext:CHARACTER_SETS,COLLATIONS intitle:”phpmyadmin”
- intitle:”=[ 1n73ct10n privat shell ]=”
- filetype:rdp password
- filetype:sh inurl:cgi-bin
- allinurl:index.php?db=information_schema
- inurl:index.rb
- ext:json OR inurl:format=json
- inurl:”server-status” intitle:”Apache Status” intext:”Apache Server Status for”
- inurl:”.s3.amazonaws.com/”
- site:http://s3.amazonaws.com intitle:index.of.bucket
- site:http://blob.core.windows.net
- site:* inurl:/user/register
- intext:”There isn’t a Github Pages site here”
- intitle:”Site not found · GitHub Pages”
- inurl:%26 inurl:%3D
- inurl:& inurl:%3D
- intitle:”Dashboard [Hudson]”
- intitle:”Dashboard [Jenkins]” intext:”Manage Jenkins”
- “or greater is required”+”You have no flash plugin installed”
- site:target.com filetype:”xls | xlsx | doc | docx | ppt | pptx | pdf”
