100+ advanced Google Dorking queries for OSINT, and database leaks
by Boat - Saturday March 8, 2025 at 04:21 PM
#1
Keep adding yours as well. Let's see what I can learn Big Grin

1. Database Dumps & Credentials Leaks filetype:sql "password" filetype:json "password" filetype:txt "password" filetype:log "password" OR "username" filetype:env "DB_PASSWORD" filetype:conf "password" filetype:ini "password" filetype:sql "insert into users" filetype:xml "password" inurl:"wp-config.php" "DB_PASSWORD" 2. Exposed Website Config Files inurl:".git" "index of" intitle:"Index of" ".env" intitle:"Index of" "wp-config.php" intitle:"Index of" "database.yml" intitle:"Index of" "settings.py" intitle:"Index of" "secrets.json" intitle:"Index of" "config.php" 3. Admin Login Pages intitle:"Admin Login" inurl:admin intitle:"Login Page" inurl:login inurl:"admin/login" inurl:"administrator/login" inurl:"admin.php" inurl:"user/login" inurl:"backend/login" 4. Unsecured CCTV & Security Cameras inurl:"top.htm" inurl:"currenttime" inurl:"viewerframe?mode=" inurl:"view/index.shtml" intitle:"Live View / - AXIS" intitle:"webcamXP 5" intitle:"webcam 7" inurl:"/view/view.shtml" 5. Open File Repositories (Index of) intitle:"index of" "backup" intitle:"index of" "admin" intitle:"index of" "password" intitle:"index of" "database" intitle:"index of" "wp-content" intitle:"index of" "ftpconfig.json" 6. FTP Servers & Exposed Directories intitle:"Index of" inurl:ftp intitle:"Index of /private" intitle:"Index of /confidential" intitle:"Index of /database" 7. Exposed Email Lists & User Credentials filetype:xls "email" "password" filetype:csv "email" "password" filetype:txt "email" "password" filetype:json "email" "password" filetype:log "email" "password" 8. WordPress Sensitive Information inurl:"wp-config.php" "DB_PASSWORD" inurl:"xmlrpc.php" intitle:"Index of" inurl:"wp-content/debug.log" intitle:"Index of" "wp-content/uploads" 9. phpMyAdmin & Database Management intitle:"phpMyAdmin" inurl:"phpmyadmin" intitle:"MySQL dump" filetype:sql inurl:"pma/index.php" inurl:"dbadmin/index.php" inurl:"admin/phpmyadmin" 10. Open Web Directories with Private Content intitle:"index of" "backup.zip" intitle:"index of" "database.sql" intitle:"index of" "config.php" intitle:"index of" "sensitive" intitle:"index of" "htpasswd" 11. Open Routers & Network Devices intitle:"Router Setup" inurl:setup intitle:"DVR Login" intitle:"Network Camera" intitle:"Webcam" inurl:view 12. Unsecured Git Repositories intitle:"Index of" ".git" inurl:".git/config" inurl:".git/HEAD" inurl:"/.git/logs/HEAD" 13. Open Jenkins & DevOps Panels intitle:"Jenkins Dashboard" inurl:"/view/" inurl:"/jenkins/login" intitle:"Dashboard" inurl:"/login" 14. Remote Desktop Services (RDP) inurl:"tsweb/default.htm" inurl:"rdpweb/default.aspx" inurl:"rdesktop.html" intitle:"Remote Desktop Web Connection" 15. Exposed VPN Configurations filetype:conf "auth-user-pass" filetype:ovpn "remote" intitle:"Index of" "openvpn" 16. Public Cloud Storage (AWS, Google, Azure) site:amazonaws.com "index of" site:storage.googleapis.com "index of" site:blob.core.windows.net "index of" 17. Payment Gateways & Invoices intitle:"index of" "invoice.pdf" intitle:"index of" "billing" filetype:pdf "invoice" 18. Exposed API Keys & Tokens filetype:env "API_KEY" filetype:json "api_key" filetype:ini "api_secret" inurl:"config.json" "API_KEY" 19. Web Shells & Backdoors intitle:"index of" "c99.php" intitle:"index of" "r57.php" inurl:"shell.php" inurl:"wso.php" 20. Vulnerable Websites (SQLi, LFI, XSS) inurl:"index.php?id=" inurl:"page.php?id=" inurl:"news.php?id=" inurl:"product.php?id=" inurl:"catalog.php?id=" inurl:"detail.php?id=" inurl:"search.php?q=" 21. Webcam Feeds & IP Cameras inurl:"view/view.shtml" inurl:"video.mjpg" inurl:"webcam.html" inurl:"/axis-cgi/mjpg/video.cgi" 22. Unsecured IoT Devices inurl:"webadmin/index.php" intitle:"webadmin" inurl:"admin" inurl:"/admin/config.php" 23. Logs Containing Sensitive Info filetype:log "session" filetype:log "password" filetype:log "credit card" 24. Misconfigured GitHub Repositories site:github.com "DB_PASSWORD" site:github.com "AWS_ACCESS_KEY_ID" site:github.com "secret_key" 25. Private Corporate Documents filetype:pdf "confidential" filetype:docx "internal" filetype:xlsx "financials"
Reply
#2
You are best hacker thansk you very match brother
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  FREE - DeepX | Search Engine for Egyptian Citizens Database | Dark Web 0xHH 6 82 Yesterday, 02:37 PM
Last Post: rexiz
  Find Info On Google Accounts wallahi 263 67,618 Yesterday, 09:45 AM
Last Post: screwdrivver
  My personal OSINT Tool List omargrant 403 36,593 06-26-2026, 09:00 AM
Last Post: flokx64
  COLLECTION {FREE} Phone Numbers OSINT Tools lulagain 542 15,873 06-26-2026, 08:55 AM
Last Post: flokx64
  COLLECTION Telegram Bots for OSINT Loki 1,081 38,118 06-26-2026, 08:52 AM
Last Post: flokx64



 Users browsing this thread: 1 Guest(s)