├── README.md
├── Shodan-dorks.txt
├── github-dorks.txt
└── google-dorks.txt


/README.md:
--------------------------------------------------------------------------------
1 | # Awesome-Dorks
2 | ### Dorks for Bug Bounty Hunting
3 | 
4 | ![bbdorks](https://user-images.githubusercontent.com/75373225/148363168-98ca3d3f-dfd0-4c18-9feb-095fac3fac74.png)
5 | 
6 | This repo is piece of shit💩 created by me
7 | 


--------------------------------------------------------------------------------
/Shodan-dorks.txt:
--------------------------------------------------------------------------------
 1 | ssl:"target.com" http.html:"Login, username, password"
 2 | http.title:"Admin"
 3 | ssl:"target.com" org:"Cloudflare, Inc." product:"nginx" 200
 4 | kibana content-length:217 net:"cidr"
 5 | org:"Amazon" ssl:"target"
 6 | ssl:"target"
 7 | html:"Dashboard Jenkins" http.component:"jenkins"
 8 | http.title:"302 Found"
 9 | X-Amz-Bucket-Region
10 | x-jenkins 200
11 | X-Generator: Drupal 7
12 | ssl:Google
13 | all:"mongodb server information" all:"metrics"
14 | port:27017 -all:"partially" all:"fs.files"
15 | port:"9200" all:"elastic indices"
16 | product:elastic port:9200
17 | product: CouchDB
18 | title:"system dashboard" html:jira
19 | product: "apache tomcat"
20 | ssl%3A”development”+org%3A”Amazon.com”+port%3A”number”
21 | http.component:ruby port:3000
22 | html:”secret_key_base”
23 | html:”rack.version”
24 | http.html:QUERY ssl:”domain.com”
25 | http.favicon.hash:81586312 200
26 | html:/dana-na/ Pulse Secure VPN exploit
27 | "MongoDB Server Information" port:27017 -authentication
28 | "Set-Cookie: mongo-express=" "200 OK"
29 | mysql port:"3306"
30 | port:"9200" all:"elastic indices"
31 | port:5432 PostgreSQL
32 | "220" "230 Login successful." port:21
33 | proftpd port:21
34 | port:"25" product:"exim"
35 | port:"11211" product:"Memcached"
36 | "X-Jenkins" "Set-Cookie: JSESSIONID" http.title:"Dashboard"
37 | "port: 53" Recursion: Enabled
38 | product:"Apache httpd" port:"80"
39 | product:"Microsoft IIS httpd"
40 | ssl.cert.issuer.cn:example.com ssl.cert.subject.cn:example.com
41 | ssl.cert.expired:true
42 | "Authentication: disabled" port:445
43 | "220" "230 Login successful." port:21
44 | 


--------------------------------------------------------------------------------
/github-dorks.txt:
--------------------------------------------------------------------------------
  1 | access_key
  2 | access-token
  3 | access_token
  4 | accesstoken
  5 | access_token_secret
  6 | admin
  7 | admin_pass
  8 | admin_user
  9 | algolia_admin_key
 10 | algolia_api_key
 11 | alias_pass
 12 | alicloud_access_key
 13 | amazonaws
 14 | amazon_secret_access_key
 15 | ansible_vault_password
 16 | aos_key
 17 | apidocs
 18 | api.googlemaps AIza
 19 | api.googlemaps+AIza
 20 | api-key
 21 | api_key
 22 | apikey
 23 | api_key_secret
 24 | api_key_sid
 25 | api_secret
 26 | apiSecret
 27 | api_secret_key
 28 | api_token
 29 | app_debug
 30 | app_id
 31 | app_key
 32 | appkey
 33 | appkeysecret
 34 | application_key
 35 | app_log_level
 36 | app_secret
 37 | appsecret
 38 | appspot
 39 | auth
 40 | authentication
 41 | authkey
 42 | authorization
 43 | authorization_bearer:
 44 | authorization_key
 45 | authorization_token
 46 | authorizationToken
 47 | authsecret
 48 | auth_token
 49 | authtoken
 50 | aws_access
 51 | aws_access_key_id
 52 | aws_bucket
 53 | aws_key
 54 | aws_secret
 55 | aws_secret_access_key
 56 | aws_secret_key
 57 | AWSSecretKey
 58 | aws_token
 59 | b2_app_key
 60 | bashrc password
 61 | bashrc+password
 62 | bearer
 63 | bintray_apikey
 64 | bintray_gpg_password
 65 | bintray_key
 66 | bintraykey
 67 | bluemix_api_key
 68 | bluemix_pass
 69 | bot_access_token
 70 | browserstack_access_key
 71 | bucket
 72 | bucketeer_aws_access_key_id
 73 | bucketeer_aws_secret_access_key
 74 | bucket_password
 75 | built_branch_deploy_key
 76 | bx_password
 77 | cache_driver
 78 | cache_s3_secret_key
 79 | cattle_access_key
 80 | cattle_secret_key
 81 | certificate_password
 82 | ci_deploy_password
 83 | client_id
 84 | client_key
 85 | client-secret
 86 | client_secret
 87 | clientsecret
 88 | client_zpk_secret_key
 89 | clojars_password
 90 | cloudant_password
 91 | cloud_api_key
 92 | cloudflare_api_key
 93 | cloudflare_auth_key
 94 | cloudinary_api_secret
 95 | cloudinary_name
 96 | cloud_watch_aws_access_key
 97 | codecov_token
 98 | config
 99 | connectionstring
100 | conn.login
101 | consumer_key
102 | ConsumerKey
103 | consumer_secret
104 | ConsumerSecret
105 | credentials
106 | cypress_record_key
107 | database_password
108 | database_schema_test
109 | datadog_api_key
110 | datadog_app_key
111 | DB_DATABASE=
112 | DB_HOST=
113 | dbpasswd
114 | db_password
115 | dbpassword
116 | DB_PASSWORD=
117 | DB_PORT=
118 | DB_PW=
119 | db_server
120 | dbuser
121 | DB_USER=
122 | db_username
123 | DB_USERNAME
124 | deploy_password
125 | digitalocean_ssh_key_body
126 | digitalocean_ssh_key_ids
127 | docker_hub_password
128 | dockerhub_password
129 | dockerhubpassword
130 | docker_key
131 | docker_pass
132 | docker_passwd
133 | docker_password
134 | dot-files
135 | dotfiles
136 | droplet_travis_password
137 | dynamoaccesskeyid
138 | dynamosecretaccesskey
139 | elastica_host
140 | elastica_port
141 | elasticsearch_password
142 | email
143 | encryption-key
144 | encryption_key
145 | encryptionkey
146 | encryption_password
147 | env.heroku_api_key
148 | env.sonatype_password
149 | eureka.awssecretkey
150 | fabricApiSecret
151 | facebook_secret
152 | fb_secret
153 | firebase
154 | flickr_api_key
155 | fossa_api_key
156 | ftp
157 | ftp_password
158 | FTP_PASSWORD
159 | FTP_PORT
160 | gatsby_wordpress_base_url
161 | gatsby_wordpress_client_id
162 | gatsby_wordpress_user
163 | gh_api_key
164 | ghost_api_key
165 | gh_token
166 | github_api_key
167 | github_deploy_hb_doc_pass
168 | github_id
169 | github_key
170 | github_password
171 | github_token
172 | gitlab
173 | gmail_password
174 | gmail_username
175 | google_maps_api_key
176 | google_private_key
177 | google_secret
178 | google_server_key
179 | gpg_key_name
180 | gpg_keyname
181 | gpg_passphrase
182 | HEROKU_API_KEY
183 | HEROKU_API_KEY language:json
184 | HEROKU_API_KEY+language:json
185 | HEROKU_API_KEY language:shell
186 | HEROKU_API_KEY+language:shell
187 | herokuapp
188 | heroku_oauth
189 | heroku_oauth_secret
190 | heroku_oauth_token
191 | heroku_secret
192 | heroku_secret_token
193 | HOMEBREW_GITHUB_API_TOKEN
194 | htaccess_pass
195 | htaccess_user
196 | id_dsa
197 | incident_channel_name
198 | internal
199 | irc_pass
200 | JEKYLL_GITHUB_TOKEN
201 | jwt_client_secret_key
202 | jwt_lookup_secert_key
203 | jwt_password
204 | jwt_secret
205 | jwt_secret_key
206 | jwt_token
207 | jwt_user
208 | jwt_web_secert_key
209 | jwt_xmpp_secert_key
210 | key
211 | keyPassword
212 | ldap_password
213 | ldap_username
214 | linux_signing_key
215 | ll_shared_key
216 | location_protocol
217 | log
218 | log_channel
219 | lottie_happo_api_key
220 | lottie_happo_secret_key
221 | lottie_s3_api_key
222 | lottie_s3_secret_key
223 | magento password
224 | magento+password
225 | mailchimp
226 | mailchimp_api_key
227 | mailchimp_key
228 | mailgun
229 | mailgun apikey
230 | mailgun+apikey
231 | mailgun_key
232 | mailgun_password
233 | mailgun_priv_key
234 | mailgun_secret_api_key
235 | mail_password
236 | mail_port
237 | manage_key
238 | mandrill_api_key
239 | mapbox api key
240 | mapbox+api+key
241 | master_key
242 | mg_api_key
243 | mg_public_api_key
244 | mh_apikey
245 | mh_password
246 | mile_zero_key
247 | minio_access_key
248 | minio_secret_key
249 | mix_pusher_app_cluster
250 | mix_pusher_app_key
251 | .mlab.com password
252 | .mlab.com+password
253 | msg nickserv identify filename:config
254 | msg+nickserv+identify+filename:config
255 | mydotfiles
256 | mysql
257 | mysql password
258 | mysql+password
259 | mysql_root_password
260 | netlify_api_key
261 | nexus password
262 | nexus+password
263 | nexus_password
264 | node_env
265 | node_pre_gyp_accesskeyid
266 | node_pre_gyp_secretaccesskey
267 | npm_api_key
268 | npm_password
269 | npmrc _auth
270 | npmrc+_auth
271 | npm_secret_key
272 | nuget_api_key
273 | nuget_apikey
274 | nuget_key
275 | number
276 | oauth
277 | oauth_token
278 | object_storage_password
279 | octest_app_password
280 | octest_password
281 | okta_key
282 | omise_key
283 | onesignal_api_key
284 | onesignal_user_auth_key
285 | openwhisk_key
286 | org_gradle_project_sonatype_nexus_password
287 | org_project_gradle_sonatype_nexus_password
288 | os_password
289 | ossrh_jira_password
290 | ossrh_pass
291 | ossrh_password
292 | OTP
293 | pagerduty_apikey
294 | parse_js_key
295 | pass
296 | passcode
297 | passwd
298 | password
299 | password hash
300 | passwords
301 | password travis
302 | password+travis
303 | path:sites databases password
304 | path:sites+databases+password
305 | paypal_secret
306 | paypal_token
307 | pem private
308 | pem+private
309 | personal_key
310 | playbooks_url
311 | plotly_apikey
312 | plugin_password
313 | postgres_env_postgres_password
314 | postgresql_pass
315 | "preprod"
316 | preprod
317 | private
318 | private-key
319 | private_key
320 | privatekey
321 | private -language:java
322 | private+-language:java
323 | private_signing_password
324 | prod
325 | prod.access.key.id
326 | prod_password
327 | prod.secret.key
328 | PT_TOKEN
329 | PT_TOKEN language:bash
330 | PT_TOKEN+language:bash
331 | publish_key
332 | pusher_app_id
333 | pwd
334 | queue_driver
335 | rabbitmq_password
336 | rds.amazonaws.com password
337 | rds.amazonaws.com+password
338 | "redis_password"
339 | redis_password
340 | remove password
341 | response_auth_jwt_secret
342 | rest_api_key
343 | rinkeby_private_key
344 | root
345 | root_password
346 | ropsten_private_key
347 | route53_access_key_id
348 | rtd_key_pass
349 | rtd_store_pass
350 | s3_access_key
351 | s3_access_key_id
352 | s3_key
353 | s3_key_app_logs
354 | s3_key_assets
355 | s3_secret_key
356 | salesforce_password
357 | sandbox_aws_access_key_id
358 | sandbox_aws_secret_access_key
359 | sauce_access_key
360 | secret
361 | secret access key
362 | secret+access+key
363 | secret_access_key
364 | secretaccesskey
365 | secret_bearer
366 | secret-key
367 | secret_key
368 | secretkey
369 | secret_key_base
370 | secret.password
371 | secrets
372 | secret_token
373 | secure
374 | security_credentials
375 | sendgrid_api_key
376 | sendgrid_key
377 | sendgrid_password
378 | send.keys
379 | send_keys
380 | sendkeys
381 | ses_access_key
382 | ses_secret_key
383 | session_key
384 | session_secret
385 | SESSION_TOKEN
386 | setdstaccesskey
387 | setsecretkey
388 | sf_username
389 | SF_USERNAME
390 | shodan_api_key language:python
391 | sid_token
392 | signing_key_password
393 | signing_key_secret
394 | slack_api
395 | slack_api_token
396 | SLACK_BOT_TOKEN
397 | slack_channel
398 | slack_key
399 | slack_outgoing_token
400 | slack_secret_token
401 | slack_signing_secret
402 | slack_token
403 | slack_webhook
404 | slash_developer_space_key
405 | snoowrap_password
406 | socrata_password
407 | sonar_organization_key
408 | sonar_project_key
409 | sonatype_password
410 | sonatype_token_password
411 | soundcloud_password
412 | sql_password
413 | sqsaccesskey
414 | square_access_token
415 | squareSecret
416 | square_token
417 | ssh
418 | ssh2_auth_password
419 | ssh-key
420 | ssh_key
421 | sshkey
422 | sshpass
423 | staging
424 | stg
425 | storePassword
426 | stormpath_api_key_id
427 | stormpath_api_key_secret
428 | stripe
429 | stripe_key
430 | stripe_secret
431 | strip_key
432 | strip_secret_key
433 | stripToken
434 | svn_pass
435 | swagger
436 | tesco_api_key
437 | tester_keys_password
438 | testuser
439 | thera_oss_access_key
440 | token
441 | trash
442 | trusted_hosts
443 | twilio_account_id
444 | twilio_account_secret
445 | twilio_account_sid
446 | twilio_accountsid
447 | twilio_acount_sid NOT env
448 | twilio_acount_sid+NOT+env
449 | twilio_api
450 | twilio_api_auth
451 | twilioapiauth
452 | twilio_api_key
453 | twilio_api_secret
454 | twilio_api_sid
455 | twilio_api_token
456 | twilio secret
457 | twilio+secret
458 | twilio_secret
459 | twiliosecret
460 | twilio_secret_token
461 | TWILIO_SID NOT env
462 | TWILIO_SID+NOT+env
463 | twilio_token
464 | twine_password
465 | twitterKey
466 | twitter_secret
467 | user auth
468 | username
469 | user_pass
470 | user_password
471 | WFClient Password extension:ica
472 | WFClient+Password+extension:ica
473 | x-api-key
474 | zendesk_api_token
475 | zendesk_key
476 | zendesk_token
477 | zendesk_url
478 | zendesk_username
479 | zen_key
480 | zen_tkn
481 | zen_token
482 | extension:bat
483 | extension:cfg
484 | extension:dbeaver-data-sources.xml
485 | extension:env
486 | extension:exs
487 | extension:ini
488 | extension:json api.forecast.io
489 | extension:json+api.forecast.io
490 | extension:json googleusercontent client_secret
491 | extension:json+googleusercontent+client_secret
492 | extension:json mongolab.com
493 | extension:json+mongolab.com
494 | extension:pem
495 | extension:pem private
496 | extension:pem+private
497 | extension:ppk
498 | extension:ppk private
499 | extension:ppk+private
500 | extension:properties
501 | extension:sh
502 | extension:sls
503 | extension:sql
504 | extension:sql mysql dump
505 | extension:sql+mysql+dump
506 | extension:sql mysql dump password
507 | extension:sql+mysql+dump+password
508 | extension:yaml mongolab.com
509 | extension:yaml+mongolab.com
510 | extension:zsh
511 | filename:bash
512 | filename:.bash_history
513 | filename:bash_history
514 | filename:bash_profile
515 | filename:.bash_profile aws
516 | filename:.bash_profile+aws
517 | filename:bashrc
518 | filename:.bashrc mailchimp
519 | filename:.bashrc+mailchimp
520 | filename:.bashrc password
521 | filename:.bashrc+password
522 | filename:beanstalkd.yml
523 | filename:CCCam.cfg
524 | filename:composer.json
525 | filename:config
526 | filename:config irc_pass
527 | filename:config+irc_pass
528 | filename:config.json auths
529 | filename:config.json+auths
530 | filename:config.php dbpasswd
531 | filename:config.php+dbpasswd
532 | filename:configuration.php JConfig password
533 | filename:configuration.php+JConfig+password
534 | filename:connections
535 | filename:connections.xml
536 | filename:constants
537 | filename:credentials
538 | filename:credentials aws_access_key_id
539 | filename:credentials+aws_access_key_id
540 | filename:.cshrc
541 | filename:cshrc
542 | filename:database
543 | filename:dbeaver-data-sources.xml
544 | filename:deployment-config.json
545 | filename:deploy.rake
546 | filename:dhcpd.conf
547 | filename:dockercfg
548 | filename:.dockercfg auth
549 | filename:.dockercfg+auth
550 | filename:env
551 | filename:.env DB_USERNAME NOT homestead
552 | filename:.env+DB_USERNAME+NOT+homestead
553 | filename:environment
554 | filename:.env MAIL_HOST=smtp.gmail.com
555 | filename:.env MAIL_HOSTsmtp.gmail.com
556 | filename:.env+MAIL_HOSTsmtp.gmail.com
557 | filename:.esmtprc password
558 | filename:.esmtprc+password
559 | filename:express.conf
560 | filename:express.conf path:.openshift
561 | filename:express.conf+path:.openshift
562 | filename:filezilla.xml
563 | filename:filezilla.xml Pass
564 | filename:filezilla.xml+Pass
565 | filename:.ftpconfig
566 | filename:gitconfig
567 | filename:.git-credentials
568 | filename:git-credentials
569 | filename:global
570 | filename:.history
571 | filename:history
572 | filename:.htpasswd
573 | filename:htpasswd
574 | filename:hub oauth_token
575 | filename:hub+oauth_token
576 | filename:id_dsa
577 | filename:idea14.key
578 | filename:id_rsa
579 | filename:id_rsa or filename:id_dsa
580 | filename:id_rsa+or+filename:id_dsa
581 | filename:known_hosts
582 | filename:logins.json
583 | filename:makefile
584 | filename:master.key path:config
585 | filename:master.key+path:config
586 | filename:netrc
587 | filename:.netrc password
588 | filename:.netrc+password
589 | filename:_netrc password
590 | filename:_netrc+password
591 | filename:npmrc
592 | filename:.npmrc _auth
593 | filename:.npmrc+_auth
594 | filename:pass
595 | filename:passwd path:etc
596 | filename:passwd+path:etc
597 | filename:.pgpass
598 | filename:pgpass
599 | filename:prod.exs
600 | filename:prod.exs NOT prod.secret.exs
601 | filename:prod.exs+NOT+prod.secret.exs
602 | filename:prod.secret.exs
603 | filename:proftpdpasswd
604 | filename:recentservers.xml
605 | filename:recentservers.xml Pass
606 | filename:recentservers.xml+Pass
607 | filename:.remote-sync.json
608 | filename:robomongo.json
609 | filename:.s3cfg
610 | filename:s3cfg
611 | filename:secrets.yml password
612 | filename:secrets.yml+password
613 | filename:server.cfg
614 | filename:server.cfg rcon password
615 | filename:server.cfg+rcon+password
616 | filename:settings
617 | filename:settings.py SECRET_KEY
618 | filename:settings.py+SECRET_KEY
619 | filename:sftp-config.json
620 | filename:sftp-config.json password
621 | filename:sftp.json path:.vscode
622 | filename:sftp.json+path:.vscode
623 | filename:shadow
624 | filename:shadow path:etc
625 | filename:shadow+path:etc
626 | filename:.sh_history
627 | filename:spec
628 | filename:sshd_config
629 | filename:travis.yml
630 | filename:tugboat
631 | filename:.tugboat NOT _tugboat
632 | filename:.tugboat+NOT+_tugboat
633 | filename:ventrilo_srv.ini
634 | filename:vim_settings.xml
635 | filename:WebServers.xml
636 | filename:wp-config
637 | filename:wp-config.php
638 | filename:zhrc
639 | language:bash ftp
640 | language:python ftp
641 | language:shell username
642 | language:sql username
643 | language:yaml -filename:travis
644 | language:yaml+-filename:travis
645 | 


--------------------------------------------------------------------------------
/google-dorks.txt:
--------------------------------------------------------------------------------
  1 | site:accounts..com/signin/ intitle:"index of" drupal intitle:"index of" admin inurl:login.cgiPages Containing Login Portals site:/joomla/administrator
  2 | inurl:"server-status" intitle:"Apache Status" intext:"Apache Server Status for"
  3 | inurl:/login/index.jsp -site:hertz.*
  4 | intitle:"Index of" inurl:wp-json/oembed
  5 | intitle:"Index of" phpmyadmin
  6 | intitle:"Index of" wp-admin
  7 | intitle:index.of.?.sql
  8 | inurl: /filemanager/dialog.php
  9 | s3 site:amazonaws.com filetype:log
 10 | inurl:cgi/login.pl
 11 | inurl:zoom.us/j and intext:scheduled for
 12 | site:*/auth intitle:login
 13 | inurl: admin/login.aspxPages Containing Login Portals
 14 | "Index of" inurl:webalizer
 15 | "Index of" inurl:phpmyadmin
 16 | "Index of" inurl:htdocs inurl:xampp
 17 | s3 site:amazonaws.com intext:dhcp filetype:txt inurl:apollo
 18 | inurl:/index.aspx/login
 19 | site:amazonaws.com inurl:login.php
 20 | intitle:"IIS Windows Server" -inurl:"IIS Windows Server"
 21 | intitle:"Apache2 Ubuntu Default Page: It works"
 22 | inurl:/filedown.php?file=
 23 | inurl:Dashboard.jspa intext:"Atlassian Jira Project Management Software"
 24 | inurl:app/kibana intext:Loading Kibana
 25 | site:https://docs.google.com/spreadsheets edit
 26 | intitle:"index of" unattend.xml
 27 | inurl:/admin/index.php
 28 | inurl:bc.googleusercontent.com intitle:index of
 29 | inurl:office365 AND intitle:"Sign In | Login | Portal"
 30 | intext:"@gmail.com" AND intext:"@yahoo.com" filetype:sql
 31 | intitle:OmniDB intext:"user. pwd. Sign in."
 32 | intitle:"qBittorrent Web UI" inurl:8080
 33 | site:com inurl:jboss filetype:log -github.com
 34 | intitle:"index of" ".cpanel/caches/config/"
 35 | inurl:'/scopia/entry/index.jsp'
 36 | inurl:/index.aspx/login
 37 | intitle: "index of" "./" "./bitcoin"
 38 | inurl:/portal/apis/fileExplorer/
 39 | intitle:"index of" "/aws.s3/"
 40 | intitle:"index of" hosts.csv | firewalls.csv | linux.csv | windows.csv
 41 | intitle:Test Page for the Nginx HTTP Server on Fedora
 42 | inurl:_cpanel/forgotpwd
 43 | intitle:"index of /" intext:/backup
 44 | intitle:"Swagger UI - " + "Show/Hide"
 45 | site:drive.google.com /preview intext:movie inurl:flv | wmv | mp4 -pdf -edit -view
 46 | intext:"class JConfig {" inurl:configuration.php
 47 | "index of" "database.sql.zip"
 48 | ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:"budget approved") inurl:confidentialext:inc "pwd=" "UID="
 49 | ext:ini intext:env.ini
 50 | ext:ini Version=... password
 51 | ext:ini Version=4.0.0.4 password
 52 | ext:ini eudora.ini
 53 | ext:ini intext:env.ini
 54 | ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
 55 | filetype:SWF SWF
 56 | filetype:TXT TXT
 57 | filetype:XLS XLS
 58 | filetype:asp   DBQ=" * Server.MapPath("*.mdb")
 59 | filetype:asp "Custom Error Message" Category Source
 60 | filetype:asp + "[ODBC SQL"
 61 | filetype:asp DBQ=\" * Server.MapPath(\"*.mdb\") 
 62 | filetype:asp “Custom Error Message” Category Source
 63 | filetype:bak createobject sa
 64 | filetype:bak inurl:"htaccess|passwd|shadow|htusers"
 65 | filetype:conf inurl:firewall -intitle:cvs 
 66 | filetype:conf inurl:proftpd. PROFTP FTP server configuration file reveals
 67 | filetype:dat "password.dat
 68 | filetype:dat \"password.dat\" 
 69 | filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
 70 | filetype:eml eml +intext:\"Subject\" +intext:\"From\" +intext:\"To\" 
 71 | filetype:eml eml +intext:”Subject” +intext:”From” +intext:”To”
 72 | filetype:inc dbconn 
 73 | filetype:inc intext:mysql_connect
 74 | filetype:inc mysql_connect OR mysql_pconnect 
 75 | filetype:log inurl:"password.log"
 76 | filetype:log username putty PUTTY SSH client logs can reveal usernames
 77 | filetype:log “PHP Parse error” | “PHP Warning” | “PHP Error”
 78 | filetype:mdb inurl:users.mdb
 79 | filetype:ora ora
 80 | filetype:ora tnsnames
 81 | filetype:pass pass intext:userid
 82 | filetype:pdf "Assessment Report" nessus
 83 | filetype:pem intext:private
 84 | filetype:properties inurl:db intext:password
 85 | filetype:pst inurl:"outlook.pst"
 86 | filetype:pst pst -from -to -date
 87 | filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
 88 | filetype:reg reg +intext:\"defaultusername\" +intext:\"defaultpassword\" 
 89 | filetype:reg reg +intext:â? WINVNC3â?
 90 | filetype:reg reg +intext:”defaultusername” +intext:”defaultpassword”
 91 | filetype:reg reg HKEY_ Windows Registry exports can reveal
 92 | filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
 93 | filetype:sql "insert into" (pass|passwd|password)
 94 | filetype:sql ("values * MD5" | "values * password" | "values * encrypt")
 95 | filetype:sql (\"passwd values\" | \"password values\" | \"pass values\" ) 
 96 | filetype:sql (\"values * MD\" | \"values * password\" | \"values * encrypt\") 
 97 | filetype:sql +"IDENTIFIED BY" -cvs
 98 | filetype:sql password
 99 | filetype:sql password 
100 | filetype:sql “insert into” (pass|passwd|password)
101 | filetype:url +inurl:"ftp://" +inurl:";@"
102 | filetype:url +inurl:\"ftp://\" +inurl:\";@\" 
103 | filetype:url +inurl:”ftp://” +inurl:”;@”
104 | filetype:xls inurl:"email.xls"
105 | filetype:xls username password email
106 | index of: intext:Gallery in Configuration mode
107 | index.of passlist
108 | index.of perform.ini mIRC IRC ini file can list IRC usernames and
109 | index.of.dcim 
110 | index.of.password 
111 | intext:" -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)
112 | intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
113 | intext:"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
114 | intext:"#mysql dump" filetype:sql
115 | intext:"#mysql dump" filetype:sql 21232f297a57a5a743894a0e4a801fc3
116 | intext:"A syntax error has occurred" filetype:ihtml
117 | intext:"ASP.NET_SessionId" "data source="
118 | intext:"About Mac OS Personal Web Sharing"
119 | intext:"An illegal character has been found in the statement" -"previous message"
120 | intext:"AutoCreate=TRUE password=*"
121 | intext:"Can't connect to local" intitle:warning
122 | intext:"Establishing a secure Integrated Lights Out session with" OR intitle:"Data Frame - Browser not HTTP 1.1 compatible" OR intitle:"HP Integrated Lights-
123 | intext:"Fatal error: Call to undefined function" -reply -the -next
124 | intext:"Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed." -edu
125 | intext:"Generated by phpSystem"
126 | intext:"Host Vulnerability Summary Report"
127 | intext:"HostingAccelerator" intitle:"login" +"Username" -"news" -demo
128 | intext:"IMail Server Web Messaging" intitle:login
129 | intext:"Incorrect syntax near"
130 | intext:"Index of" /"chat/logs"
131 | intext:"Index of /network" "last modified"
132 | intext:"Index of /" +.htaccess
133 | intext:"Index of /" +passwd
134 | intext:"Index of /" +password.txt
135 | intext:"Index of /admin"
136 | intext:"Index of /backup"
137 | intext:"Index of /mail"
138 | intext:"Index of /password"
139 | intext:"SQL Server Driver][SQL Server]Line 1: Incorrect syntax near"
140 | intext:"Thank you for your order"   +receipt
141 | intext:"Thank you for your order" +receipt
142 | intext:"Thank you for your purchase" +download
143 | intext:"The following report contains confidential information" vulnerability -search
144 | intext:"phpMyAdmin MySQL-Dump" "INSERT INTO" -"the"
145 | intext:"phpMyAdmin MySQL-Dump" filetype:txt
146 | intext:"phpMyAdmin" "running on" inurl:"main.php"
147 | intextpassword | passcode)   intextusername | userid | user) filetype:csv
148 | intextpassword | passcode) intextusername | userid | user) filetype:csv
149 | intitle:"index of" etc/shadow
150 | intitle:"index of" htpasswd
151 | intitle:"index of" members OR accounts
152 | intitle:"index of" mysql.conf OR mysql_config
153 | intitle:"index of" passwd
154 | intitle:"index of" people.lst
155 | intitle:"index of" pwd.db
156 | intitle:"index of" spwd
157 | intitle:"index of" user_carts OR user_cart
158 | intitle:"index.of *" admin news.asp configview.asp
159 | inurl:admin inurl:userlist Generic userlist files
160 | inurl:php?id=
161 | inurl:index.php?id=
162 | 


--------------------------------------------------------------------------------