100+ advanced Google Dorking queries for OSINT, and database leaks
by Boat - Saturday March 8, 2025 at 04:21 PM
Leet User

Posts: 244
Threads: 62
Joined: Sep 2024
Reputation: 81
#1
03-08-2025, 04:21 PM (This post was last modified: 03-08-2025, 04:24 PM by Boat.)
Keep adding yours as well. Let's see what I can learn Big Grin

1. Database Dumps & Credentials Leaks
filetype:sql "password"
filetype:json "password"
filetype:txt "password"
filetype:log "password" OR "username"
filetype:env "DB_PASSWORD"
filetype:conf "password"
filetype:ini "password"
filetype:sql "insert into users"
filetype:xml "password"
inurl:"wp-config.php" "DB_PASSWORD"
2. Exposed Website Config Files
inurl:".git" "index of"
intitle:"Index of" ".env"
intitle:"Index of" "wp-config.php"
intitle:"Index of" "database.yml"
intitle:"Index of" "settings.py"
intitle:"Index of" "secrets.json"
intitle:"Index of" "config.php"
3. Admin Login Pages
intitle:"Admin Login" inurl:admin
intitle:"Login Page" inurl:login
inurl:"admin/login"
inurl:"administrator/login"
inurl:"admin.php"
inurl:"user/login"
inurl:"backend/login"
4. Unsecured CCTV & Security Cameras
inurl:"top.htm" inurl:"currenttime"
inurl:"viewerframe?mode="
inurl:"view/index.shtml"
intitle:"Live View / - AXIS"
intitle:"webcamXP 5"
intitle:"webcam 7"
inurl:"/view/view.shtml"
5. Open File Repositories (Index of)
intitle:"index of" "backup"
intitle:"index of" "admin"
intitle:"index of" "password"
intitle:"index of" "database"
intitle:"index of" "wp-content"
intitle:"index of" "ftpconfig.json"
6. FTP Servers & Exposed Directories
intitle:"Index of" inurl:ftp
intitle:"Index of /private"
intitle:"Index of /confidential"
intitle:"Index of /database"
7. Exposed Email Lists & User Credentials
filetype:xls "email" "password"
filetype:csv "email" "password"
filetype:txt "email" "password"
filetype:json "email" "password"
filetype:log "email" "password"
8. WordPress Sensitive Information
inurl:"wp-config.php" "DB_PASSWORD"
inurl:"xmlrpc.php" intitle:"Index of"
inurl:"wp-content/debug.log"
intitle:"Index of" "wp-content/uploads"
9. phpMyAdmin & Database Management
intitle:"phpMyAdmin" inurl:"phpmyadmin"
intitle:"MySQL dump" filetype:sql
inurl:"pma/index.php"
inurl:"dbadmin/index.php"
inurl:"admin/phpmyadmin"
10. Open Web Directories with Private Content
intitle:"index of" "backup.zip"
intitle:"index of" "database.sql"
intitle:"index of" "config.php"
intitle:"index of" "sensitive"
intitle:"index of" "htpasswd"
11. Open Routers & Network Devices
intitle:"Router Setup" inurl:setup
intitle:"DVR Login"
intitle:"Network Camera"
intitle:"Webcam" inurl:view
12. Unsecured Git Repositories
intitle:"Index of" ".git"
inurl:".git/config"
inurl:".git/HEAD"
inurl:"/.git/logs/HEAD"
13. Open Jenkins & DevOps Panels
intitle:"Jenkins Dashboard" inurl:"/view/"
inurl:"/jenkins/login"
intitle:"Dashboard" inurl:"/login"
14. Remote Desktop Services (RDP)
inurl:"tsweb/default.htm"
inurl:"rdpweb/default.aspx"
inurl:"rdesktop.html"
intitle:"Remote Desktop Web Connection"
15. Exposed VPN Configurations
filetype:conf "auth-user-pass"
filetype:ovpn "remote"
intitle:"Index of" "openvpn"
16. Public Cloud Storage (AWS, Google, Azure)
site:amazonaws.com "index of"
site:storage.googleapis.com "index of"
site:blob.core.windows.net "index of"
17. Payment Gateways & Invoices
intitle:"index of" "invoice.pdf"
intitle:"index of" "billing"
filetype:pdf "invoice"
18. Exposed API Keys & Tokens
filetype:env "API_KEY"
filetype:json "api_key"
filetype:ini "api_secret"
inurl:"config.json" "API_KEY"
19. Web Shells & Backdoors
intitle:"index of" "c99.php"
intitle:"index of" "r57.php"
inurl:"shell.php"
inurl:"wso.php"
20. Vulnerable Websites (SQLi, LFI, XSS)
inurl:"index.php?id="
inurl:"page.php?id="
inurl:"news.php?id="
inurl:"product.php?id="
inurl:"catalog.php?id="
inurl:"detail.php?id="
inurl:"search.php?q="
21. Webcam Feeds & IP Cameras
inurl:"view/view.shtml"
inurl:"video.mjpg"
inurl:"webcam.html"
inurl:"/axis-cgi/mjpg/video.cgi"
22. Unsecured IoT Devices
inurl:"webadmin/index.php"
intitle:"webadmin" inurl:"admin"
inurl:"/admin/config.php"
23. Logs Containing Sensitive Info
filetype:log "session"
filetype:log "password"
filetype:log "credit card"
24. Misconfigured GitHub Repositories
site:github.com "DB_PASSWORD"
site:github.com "AWS_ACCESS_KEY_ID"
site:github.com "secret_key"
25. Private Corporate Documents
filetype:pdf "confidential"
filetype:docx "internal"
filetype:xlsx "financials"
Reply
Leet User

Posts: 240
Threads: 24
Joined: Oct 2023
Reputation: 0
#2
03-08-2025, 04:23 PM
You are best hacker thansk you very match brother
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  COLLECTION OSINT RESOURCES BY COUNTRY lulagain 1,576 53,994 11 minutes ago
Last Post: IRONMANWORLD
  BEST BREACH / OSINT API ? DISCORD 2 IP ? stormyhabibi 4 198 1 hour ago
Last Post: ReskiOSINT
  AI-Powered OSINT: Modern Intelligence Tools lulagain 21 720 1 hour ago
Last Post: ReskiOSINT
  FULL list of OSINT tools Paradoxxer 1,927 180,899 2 hours ago
Last Post: Adisz
  Thermos Must Have Osint Collection thermos 7 558 6 hours ago
Last Post: jigaboojonesy

Forum Jump:


 Users browsing this thread: