-
Notifications
You must be signed in to change notification settings - Fork 86
/
Copy pathsensitive_directories.dorks
444 lines (444 loc) · 16.1 KB
/
sensitive_directories.dorks
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
index.of.secret
index.of.private
index.of.secure
index.of.protected
intitle:"index.of.personal"
inurl:explorer.cfm inurl:(dirpath|This_Directory)
intitle:"index of" intext:"content.ie5"
allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/"
intitle:upload inurl:upload intext:upload -forum -shop -support -w3c
"Index of" rar r01 nfo Modified 2004
intitle:index.of /maildir/new/
intitle:"Backup-Management (phpMyBackup v.0.4 beta * )" -johnny.ihackstuff
intitle:"Folder Listing" "Folder Listing" Name Size Date/Time File Folder
"Directory Listing for" "Hosted by Xerver"
"Welcome to the directory listing of" "NetworkActiv-Web-Server"
"Warning: Installation directory exists at" "Powered by Zen Cart" -demo
inurl:install.pl intext:"Reading path paramaters" -edu
intitle:index.of cisco asa -site:cisco.com
intitle:index.of ios -site:cisco.com
allintext:"WebServerX Server at"
"Index of /backup"
"index of" inurl:root intitle:symlink
inurl:8080 intitle:"Dashboard [Jenkins]"
inurl:/cgi-bin/.cgi
"Config" intitle:"Index of" intext:vpn
intitle:index.of +"Indexed by Apache::Gallery"
intitle:index.of.accounts
intitle:index.of.dropbox
inurl:private_files
intitle:"Index Of" intext:"iCloud Photos" OR intext:"My Photo Stream" OR intext:"Camera Roll"
intitle:"Index of" "wwwroot"
intitle:"Index of" "DCIM"
intitle:"Index of" "WhatsApp Images"
mail spool intitle:index.of
inurl:.listing intitle:index.of
inurl:.DS_Store intitle:index.of
"sql" "parent" intitle:index.of -injection
intitle:index.of inurl:grades site:edu
inurl:"wp-content/uploads/private"
inurl:pipermail intitle:index.of parent
intitle:index.of.mail
inurl:.ssh intitle:index.of authorized_keys
inurl:"folderview?id=" site:drive.google.com
inurl:"/drive/folders/" site:drive.google.com
-inurl:htm -inurl:html intitle:"index of" 100CANON
-inurl:htm -inurl:html intitle:"index of" NIKON
intitle:"Index of /" "joomla_update.php"
index of /htdocs
"m.zippyshare.com/"
inurl:admin inurl:uploads
intitle:index.of intext:viewvc
inurl:/xampp
index.of.winnt
index.of.password
inurl:backup intitle:index.of inurl:admin
"Welcome to phpMyAdmin" " Create new database"
intitle:"Index of c:\Windows"
intitle:"Index of" cfide
"index of cgi-bin"
inurl:j2ee/examples/jsp
inurl:ojspdemos
inurl:/pls/sample/admin_/help/
"index of" inurl:recycler
inurl:/tmp
intitle:intranet inurl:intranet +intext:"human resources"
"Index Of /network" "last modified"
intitle:"album permissions" "Users who can modify photos" "EVERYBODY"
filetype:cfg ks intext:rootpw -sample -test -howto
intitle:"index of /phpmyadmin" modified
index.of.password
"index of" / picasa.ini
intext:"d.aspx?id" || inurl:"d.aspx?id"
intitle:index.of /AlbumArt_
intitle:"Index of *" inurl:"my shared folder" size modified
intitle:index.of (inurl:fileadmin | intitle:fileadmin)
intitle:"webadmin - /*" filetype:php directory filename permission
intitle:"Directory Listing For" intext:Tomcat -int
index.of.dcim
intitle:"index of" -inurl:htm -inurl:html mp3
"intitle:Index.Of /" stats merchant cgi-* etc
intext:"Powered By: TotalIndex" intitle:"TotalIndex"
intitle:"index of" "parent directory" "desktop.ini" site:dyndns.org
"Powered by Invision Power File Manager" (inurl:login.php) | (intitle:"Browsing directory /" )
intitle:"Index of /CFIDE/" administrator
intitle:index.of abyss.conf
intitle:"index of" inurl:ftp (pub | incoming)
intitle:"HFS /" +"HttpFileServer"
"Web File Browser" "Use regular expression"
filetype:torrent torrent
filetype:ini Desktop.iniintext:mydocs.dll
intitle:index.of WEB-INF
intitle:"pictures thumbnails" site:pictures.sprintpcs.com
log inurl:linklint filetype:txt -"checking"
allintitle:"FirstClass Login"
intitle:index.of.config
inurl:ckfinder intext:"ckfinder.html" intitle:"Index of /ckfinder"
"index of" inurl:sym
intitle:"index.of" | inurl:/filemanager/connectors/ intext:uploadtest.html
inurl:"/wp-json/" -wordpress
intext:xampp-dav-unsecure:$apr1$6O9scpDQ$JGw2Tjz0jkrqfKh5hhiqD1
intitle:index.of intext:.bash_history
intitle:"index of" myshare
intitle:"index of" intext:".ds_store"
allinurl:/hide_my_wp=
"jos_users" intitle:"Index of"
inurl:/wp-content/wpbackitup_backups
intitle:"Index of ftp"
inurl:wp-admin/ intext:css/
intitle:"index of" "onetoc2" "one"
intitle:"index of" inurl:"no-ip.com"
intitle:index.of.pubs
intext:index of sym
inurl:"/cms/app/webroot"
intitle:"Index of" "WhatsApp Databases"
intitle:"Index.of" "attachments"
inurl:"default.php" intext:"website" "has been successfully installed on the server!"
private parent intitle:index.of
inurl:users intitle:index.of
inurl:/aspnet_client/system_web/
"My Documents" "parent" intitle:index.of
"Desktop" parent intitle:index.of
intitle:index.of parent inurl:repos
inurl:/server/webapps
intitle: Index of /awstats/data
inurl:safm.asp ext:asp
(intext:"index of /.git") ("parent directory")
intitle:Index of /__MACOSX ...
inurl:/sites/default/files/webform/
inurl:trash intitle:index.of
inurl:pictures intitle:index.of
inurl:/FCKeditor/editor/filemanager/upload/
index:"html/js/editor/fckeditor/editor/filemanager/connectors"
inurl:".esy.es/default.php"
Hostinger © 2016. All rights reserved inurl:default.php
inurl:/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
"Powered by AutoIndex PHP Script" ext:php
site:onedrive.live.com shared by
powered by h5ai
"Index of" inurl:"/$Recycle.Bin/"
intext:"Index of /.git"
intext:"Index of /database"
inurl:/sym/root/ intitle:index.of
intext:/wp-content/plugins/woocommerce/templates/emails/plain/
inurl:/wp-content/plugins/seo-pressor/classes/
intext:"index of /userfiles/file/"
intitle:index.of .bashrc
inurl:"nfs://www." "index of /"
intext:"/wp-content/uploads/wpsc/"
"lv_poweredBy"
inurl:/openwebmail/cgi-bin/openwebmail/etc/
intext:"Powered by ViewVC" | intitle:"ViewVC Repository Listing"
inurl:"apps/backend/config/"
intitle:CV+index of
intitle:"Index Of" intext:".Trash"
intitle:index.of home/000~root~000/
intitle:"Index.Of.Applications (Parallels)" -stackoverflow -quora
intitle:index.of inurl:/websendmail/
:DIR | intitle:index of inurl://whatsapp/
index of /node_modules/ -github -stackoverflow
inurl:"/wp-content/uploads/db-backup"
"Powered by Apache Subversion version"
inurl:"paypal" intitle:"index of" backup | db | access -github
inurl:revslider inurl:'/revslider+port'
inurl:"RootFolder=" Allitems "confidential" | "classified" | "passwords" | username
inurl:'listprojects.spr'
allintext:'HttpFileServer 2.3k'
intitle:"index of /bins" arm
inurl:/wp-includes/certificates/
intitle:index.of id_rsa -id_rsa.pub
"Index of" "database.sql"
"index of" "database_log"
"index of" "database.sql.zip"
intitle:backup+index of
inurl:/typo3/typo3conf
intext:"KRAB-DECRYPT.txt" intitle:"index of"
intext:pure-ftpd.conf intitle:index of
intext:my.cnf intitle:index of
intext:"paytm" intitle:"index of"
inurl:filebrowser.wcgp?subDir Communigate
intitle:"docker" intitle:"index of" config
intitle:" - Revision" + "subversion version"
Index of /.svn
intitle:index of /.sql.gz intext:/backup/
inurl:/proc/tty/ index of
intitle:"index of /" intext:/descargas/
intitle:"index of /" intext:/Download/
index of kcfinder/
index of /ckeditor
intitle:"index of /" authorized_keys
inurl:/wp-content/uploads/wp-backup-plus/
intitle:'index of' "error_log"
intitle:'index of' "access_log"
intitle:"index of /" intext:/backup
index of /etc/certs/
intitle:"Index of /private/"
inurl:"ai1wm-backups"
inurl:"/irj/go/km/docs/"
inurl:"/irj/go/km/" intext:navigation
inurl:"/webdynpro/resources/sap.com/"
intitle:"Index of /" inurl:passport
intitle:"index of /" ssh
allintitle:"Index of /ThinkPHP" | inurl: "/ThinkPHP/"
allintitle:"Index of /Admin/Common" | allintext:"Parent Directory"
allinurl:"wp-content/plugins/wordpress-popup/views/admin/"
"sasl_passwd" | smtpd.conf intitle:"index of"
intitle:"index of" "/user" | "/users"
intitle:"index of" inurl:documents backup
inurl:"/cgi-bin/CVS/"
inurl:"/.Trash" intitle:"index of" ~
intitle:"index of" $Recycle.bin
intitle:"index of" "/Windows/Recent" | "/Windows/History/"
intitle:"index of" "WindowsCookies"
intitle:"index of" "Application Data/Microsoft/Credentials"
"Last modified" intitle:"index of" "dropbox"
"description" & "size" intitle:"index of" "owncloud"
intitle:"index of" "/bitcoin/"
intitle:"index of" ".pem"
intitle:"index of" ".dockerignore"
intitle:"index of" "/aws.s3/"
inurl:typo3conf/l10n/
inurl:/files/contao
inurl:/uploads/wc-logs/
intitle:"index of" "db"
intitle: "index of" "includes"
intitle: "index of" "./" "./bitcoin"
intitle:"index of" ".cpanel/caches/config/"
intitle: "Index of" intext:log
intitle:"Directory Listing For" "Filename" intext:Tomcat/5.0.28
allintitle: "index of/admin"
type:mil inurl:ftp ext:pdf | ps
"/var/cache/registry/"
intitle:"index of" scada
inurl:bc.googleusercontent.com intitle:index of
filetype:git -github.com inurl:"/.git"
filetype:svn -gitlab -github inurl:"/.svn"
intitle:"index of" intext:"Includes
intitle:"index of" intext:"Includes wordpress"
"To Parent Directory" AND "dir>" AND "web.config"
Inurl : /list/hdd1
Index of / *.ovpn
"Index of" inurl:config inurl:production
intitle:"Index of" phpinfo.php
intitle:"Index of" public
intitle:"Index of" portal
intitle:"Index of" wp-config
intitle:"Index of" wp-content
intitle:index.of.?.sql
inurl: /filemanager/dialog.php
"Index of" inurl:webalizer
"Index of" inurl:phpmyadmin
"Index of" inurl:htdocs inurl:xampp
intitle:"Index of" inurl:wp-json/oembed
intitle:"Index of" phpmyadmin
intitle:"Index of" wp-admin
intitle:"index of" drupal
intitle:"index of" admin
inurl:/sites/default/private
intitle:"index of" sql inurl:./db/
intitle:index.of./.sql
intitle:"Index of" login.php
intitle:"Index of" wp-config.php
intitle:index.of.?.bak
intitle:index.of./.db
intitle:"index of" /php4/
intitle:"index of" mysqli.ini
intitle:"index of" ssh2.ini
intitle:index.of.?.mysql
site:*/wp-includes/ inurl:/wp-includes/
site:*/wp-contents/ inurl:/wp-contents/
intitle:"index of" /content/admin/
intitle:"index of" /content/uploads/ -inurl:/wp-content/uploads/
intitle:index.of.?.database
index of /cache
intitle:index.of.?.login
site:*/wordpress/wordpress.bak/
intitle:"index of" /config.ini
inurl:/wp/wp-admin/
inurl:/admin/ intitle:index.of
inurl:admin/data* intext:index of
inurl:/database* ext:sql intext:index of -site:github.com
inurl: /upload.php intitle:index of
inurl:/scgi-bin*
inurl:/wp-admin/includes/plugin-install.php
site:ftp.* index of /ftp/backup
inurl:wp-content intext:backup-db
inurl:/_vti_txt*
intitle:index.of./.htaccess
indexof:.htaccess
indexof:backup/mysql
intitle:index.of "admin.db"
intitle:index.of "admin" filetype:sql
indexof:backup/web.config
site:* index of: *.exe
intitle:"Index of" secret
intitle:"index of" "/etc/mysql/"
inurl:/wp-content/uploads/ninja-forms/ intitle:"index of"
site:* index of: /config
site:*/logs/default.htm
intitle:"Index of" wp-upload
intitle:index.of "database.db"
intitle:index.of "system.db"
site:* index.of: /android/manifest.xml
intext:"index of" intext:..bak intext:config
intitle:index.of "htaccess.txt"
intitle:"index of" "ws_ftp.log"
intitle:index.of "chroot.conf"
intitle:index of "uploads"
index of /storage/logs/
"key" OR key.jar intitle:"index of" webstart
intitle:"index of" .zshrc~ OR .zshrc OR .zshenv OR .zshenv~ -pool -public
intitle:"index of" .oracle_jre_usage/
-pub -pool intitle:"index of" squirrelmail/
-pub -pool intitle:"index of" vagrantfile -"How to"
intitle:"index of" api_key OR "api key" OR apiKey -pool
intitle:"index of" domain.key -public
intitle:"index of" "ftp.log"
intitle:"index of" "sms.log"
-pool intitle:"index of" wget-log -pub
intitle:"index of" "/Cloudflare-CPanel-7.0.1"
intitle:index.of "backwpup"
intitle:index.of "db.zip"
intitle:"index of" "*php.swp"
intitle:"index of" "htdocs.zip"
inurl:concrete/config/
inurl:"/includes/api/" intext:"index of /"
inurl:"/includes/OAuth2" intext:"index of /"
intext:"index of /" ".composer-auth.json"
intitle:"index of" "config.py"
intitle:"index of" "metadata"
intitle:"index of" inurl:wp-json embedurl?
intitle:"index of" "apache-log-parser" "Port 80"
intitle:"index of" "maven-metadata.xml" "Port 80"
intitle:"index of" "jwt-auth"
intitle:"index of" "/concrete/Authentication"
intitle:"index of" cvsroot
intitle:"index of" "cctv"
intitle:"index of" "owncloud/config/*"
intitle:"index of" "iredadmin/*"
intitle: "index of" "MySQL-Router"
intitle:"index of" "common.crt" OR "ca.crt"
intitle:"index of" "proxy.pac" OR "proxy.pac.bak"
intitle:"index of" "global.asa"
intitle:"index of" "/db_backups/"
intitle:"index of" db.frm
intitle:"index of" "git-jira-log"
intitle:"index of" "/admin_backup"
intitle:"index of" "admin/json"
intitle:"index of" "/admin/backup"
intitle:"index of" "graphql/subscription"
intitle:"index of" "symfony/config"
intitle:"index of" "test/storage/framework/sessions/"
intitle:"index of" "tinyfilemanager.php"
intitle:"index of" "api/admin"
"index of" "/config/sql"
intitle:"index of" "admin/config"
intitle:"index of" "system/config"
intitle:"index of" inurl:ftp intext:admin
allintitle: sensitive ext:doc OR ext:xls OR ext:xlsx
intitle:"index of" "uploads.old"
intitle:"Dashboard [Jenkins]"
"index of" "fileadmin"
"index of" "svg"
intitle:"index of" "survey.cgi"
index of logs.tar
"Index of" "sass-cache"
intitle:"index of" "admin/sql/"
intext:"INTERNAL USE ONLY" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx
inurl:admin/data* intext:index of
inurl:_vti_pvt/service.pwd
intitle:"index of" "oauth-private.key"
inurl:member filetype:xls
Index of: /services/pancard/
intitle:"index of" "ssh_host_ecdsa_key"
Google Dork : Index of: /services/aadhar card/
intitle:"index of" "app.log"
"Index of" "/monitoring"
intitle:"index of" "/home/ROOT_PATH/"
intitle:"Index of c:xampp"
intitle:"index of" "/root/etc/security/"
intitle:"Index of /" +.htaccess.old
intitle:"index of" /var/logs filetype:'"log | txt | csv"
Index: /wp-includes/Text/Diff
intitle:"index of" /lsass.exe
"Share Link" inurl:/share.cgi?ssid=
intitle:"index of" "/000~ROOT~000/"
intitle:"index of" "firewall.log" | "firewall.logs"
"-- Dump completed" ext:sql | ext:txt | ext:log
"ws_ftp.log" ext:log
"-- PostgreSQL database dump complete" ext:sql | ext:txt | ext:log | ext:env
"index of" "users.ibd"
"index of" "performance_schema"
ext:reg [HKEY_CURRENT_USERSoftwareSimonTathamPuTTYSshHostKeys]
GitLab ssh.log ext:log
"-- Dumping data for table `users` | `people` | `member`" ext:sql | ext:txt | ext:log | ext:env
"-- Dumping data for table * " ext:sql | ext:xls intext:db | intext:database | intext:password | username
intitle:"index of" "/app.log" | "/app.logs"
"index of" "email.ini"
intitle:"Everything" inurl:C:Windows
intitle:"index of" "/system.log" | "/system.logs"
intitle:"index of" "slapd.conf"
"index of" "mysql.sh"
intitle:"index of" "/CFIDE/" intext:"administrator"
intitle: "Index of" inurl:admin/uploads
intitle:"index of" "server.crt" | "server.csr"
inurl:node_modules/mqtt/test/helpers/
inurl:8080 + intext:"httpfileserver 2.3"
inurl: /.git
intitle:"index of" "WebServers.xml"
"-- Dumping data for table `admin`" | "-- INSERT INTO `admin`" "VALUES" ext:sql | ext:txt | ext:log | ext:env
intitle:index of .git/hooks/
intitle:"index of" "*.cert.pem" | "*.key.pem"
ssh_host_dsa_key.pub + ssh_host_key + ssh_config = "index of / "
"index of" inurl:database ext:sql | xls | xml | json | csv
intitle:"index of" "dump.sql"
intitle:"index of" inurl:admin/download
/etc/certs + "index of /" */*
/etc/config + "index of /" /
"-- Dumped from database version" + "-- Dumped by pg_dump version" ext:txt | ext:sql | ext:env | ext:log
intitle:("Index of" AND "wp-content/plugins/boldgrid-backup/=")
intitle:"index of" "*Maildir/new"
inurl:/jsps/testoperation.jsp "Test Operation"
inurl:/certs/server.key
inurl:print.htm intext:"Domain Name:" + "Open printable report"
inurl:tcpconfig.html
"-----BEGIN PGP PRIVATE KEY BLOCK-----" ext:pem | ext:key | ext:txt -git
"-----BEGIN EC PRIVATE KEY-----" | " -----BEGIN EC PARAMETERS-----" ext:pem | ext:key | ext:txt
inurl:/wp-content/uploads/wp-file-manager-pro
inurl:wp-content/uploads/ intitle:logs
inurl:/wp-content/uploads/wp-file-manager-pro/fm_backup
intitle:"index of" intext:"client.key.pem"
intitle:"index of" "/.vscode"
intext:"CAD Media Log"
intitle:"index of" "/configs"
inurl:filemanager/upload/asp/ "index of"
intitle:"index of" "contacts.vcf"
intitle:index.of (inurl:admin | intitle:admin)
intitle: "Index of" inurl:fileadmin
intitle:"index of" "private/log"
Google Dork: intitle: "index of" "payment"
intitle:"index of SCADA"
intitle: "index of backup.php"
intitle: "index of backup.xml"
intitle:" index of "/Invoices*"
intitle:"index of" ".env"