Maintainer: TUXCMD
Contributors: BullsEye0
License: MiT
Latest version: 27th June 2020
Updated the full list
Added google forks in .txt format
Added Google'Admin' dorks section in .txt format
Updated the README.MD
Added exploit-DB (Database)
Added link to The Cyber Plubmer's Handbook by [opsdisk](https://github.com/opsdisk)
Approx 10.000 lines of Google dorks search queries! please initiate a pull request in order to contribute and have your findings added! I will try to keep this list up- to date whenever I've some spare time left.
Feel free to contribute to this repo!
Click here for the full list
or
Click here for the .txt RAW list
Use the following syntax
site:targetwebite.com inurl:admindork
Click here for the .txt RAW full admin dork list
Warning:
It is an illegal act to build a database with Google Dorks. Only use this for research purposes! exploiting these search queries to obtain dataleaks, databases or other sensitive information might cause you a lot of trouble and perhaps even jail.
...
Google might flag you as a 'bot' if you are facing 503' error's you might even be soft- banned. Just use proxychains or FoxyProxy's browser plugin.
Check out the article from opsdisk
Opsdisk wrote an awesome book - recommended if you care about maximizing the capiabilities within SSH
Don’t underestimate the power of Google search. It has most powerful web crawlers in the world, it provides lots of smart search operators and options to filter out only needed information. That’s what make Google Dorks powerful. If used correctly, it can help in finding :
Footholds
Queries that can help a hacker gain a foothold into a web server
Web Server Detection
These links demonstrate Google’s awesome ability to profile web servers.
Files containing usernames
These files contain usernames, but no passwords… Still, google finding usernames on a web site.
Sensitive Directories
Google’s collection of web sites sharing sensitive directories. The files contained in here will vary from sensitive to uber-secret!
Vulnerable Files
HUNDREDS of vulnerable files that Google can find on websites
Files containing passwords
PASSWORDS, for the LOVE OF GOD!!! Google found PASSWORDS!
Vulnerable Servers
These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the “Vulnerable Files” section.
Sensitive Online Shopping Info
Examples of queries that can reveal online shopping info like customer data, suppliers, orders, credit card numbers, credit card info, etc.
Error Messages
Really retarded error messages that say WAY too much!
Files containing juicy info
No usernames or passwords, but interesting stuff none the less.
Network or vulnerability data
These pages contain such things as firewall logs, honeypot logs, network information, IDS logs… all sorts of fun stuff!
Pages containing login portals
These are login pages for various services. Consider them the front door of a website’s more sensitive functions.
Various Online Devices
This category contains things like printers, video cameras, and all sorts of cool things found on the web with Google.
Advisories and Vulnerabilities
These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.