Google Dorks

Google Dorks to find Juicy Content
inurl:example.com intitle:"index of"
inurl:example.com intitle:"index of /" "*key.pem"
inurl:example.com ext:log
inurl:example.com intitle:"index of" ext:sql|xls|xml|json|csv
inurl:example.com "MYSQL_ROOT_PASSWORD:" ext:env OR ext:yml -git
inurl:example.com intitle:"index of" "config.db"
inurl:example.com allintext:"API_SECRET*" ext:env | ext:yml
inurl:example.com intext:admin ext:sql inurl:admin
inurl:example.com allintext:username,password filetype:log
site:example.com "-----BEGIN RSA PRIVATE KEY-----" inurl:id_rsa
site:*.gov.* "responsible disclosure"

​


​Refrence​
Other than Google, Try these dorks on various Search Engines such as Duck Duck Go, Bing etc.
Reports (Hackerone)
Resolved
​Securing "Reset password" pages from bots​
​Private Grab Messages on Android App can be accessed and cached by Search Engines​
Informative
​Information disclosure through search engines (password reset token)​
N/A
​Research papers on yelp are getting indexed by google bots.​
Author
​Keshav Malik

​Naveen Prakaasham

​@klaus​
​Fani Malik​
Last modified 1yr ago