Scribd
Upload
226 views5 pages

Google Dorks Updated Vulnerability Analysis Full

This document lists various Google Dorks that can be used for vulnerability analysis and security assessments of websites. It categorizes the dorks into sections such as Web Vulnerabilities, Sensitive Information Exposure, Admin Panel Discovery, Open Directories, Filetypes and Extensions, and Public APIs, providing examples for each. The dorks are designed to help identify potential security weaknesses and sensitive data exposure in web applications.

Uploaded by

Siddharth Ojha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
226 views5 pages

Google Dorks Updated Vulnerability Analysis Full

This document lists various Google Dorks that can be used for vulnerability analysis and security assessments of websites. It categorizes the dorks into sections such as Web Vulnerabilities, Sensitive Information Exposure, Admin Panel Discovery, Open Directories, Filetypes and Extensions, and Public APIs, providing examples for each. The dorks are designed to help identify potential security weaknesses and sensitive data exposure in web applications.

Uploaded by

Siddharth Ojha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Google Dorks for Vulnerability Analysis

This document provides a comprehensive list of Google Dorks to identify website vulnerabilities and

perform security analysis. Each dork includes a brief description and a real-world example.

1. Web Vulnerabilities

- Dork: inurl:index.php?id=

Example: 'site:example.com inurl:index.php?id='

- Dork: "select * from" error

Example: 'site:example.com "select * from" error'

- Dork: inurl:"/index.php?id="

Example: 'site:example.com inurl:"/index.php?id="'

- Dork: "mysql_fetch_array" site:

Example: 'site:example.com "mysql_fetch_array"'

- Dork: "Warning: mysql_fetch_array"

Example: 'site:example.com "Warning: mysql_fetch_array"'

- Dork: inurl:"/page.php?id="

Example: 'site:example.com inurl:/page.php?id='

- Dork: "UNION SELECT" site:

Example: 'site:example.com "UNION SELECT"'

- Dork: "error in your SQL syntax" site:

Example: 'site:example.com "error in your SQL syntax"'

- Dork: inurl:login.php?id=

Example: 'site:example.com inurl:login.php?id='

- Dork: "You have an error in your SQL syntax" site:

Example: 'site:example.com "You have an error in your SQL syntax"'

2. Sensitive Information Exposure


- Dork: ext:sql | ext:db

Example: 'site:example.com ext:sql | ext:db'

- Dork: filetype:env "DB_PASSWORD"

Example: 'filetype:env "DB_PASSWORD"'

- Dork: inurl:"/config/" filetype:env

Example: 'site:example.com inurl:"/config/" filetype:env'

- Dork: "secret" filetype:pdf

Example: 'site:example.com "secret" filetype:pdf'

- Dork: filetype:env "password"

Example: 'filetype:env "password"'

- Dork: ext:log "password"

Example: 'site:example.com ext:log "password"'

- Dork: "access_log" filetype:txt

Example: 'site:example.com "access_log" filetype:txt'

- Dork: ext:config filetype:env

Example: 'site:example.com ext:config filetype:env'

- Dork: filetype:json "API_KEY"

Example: 'site:example.com filetype:json "API_KEY"'

- Dork: inurl:"/.env" "DB_PASSWORD"

Example: 'site:example.com inurl:"/.env" "DB_PASSWORD"'

3. Admin Panel Discovery

- Dork: inurl:admin/login.php

Example: 'site:example.com inurl:admin/login.php'

- Dork: intitle:"Admin Panel"

Example: 'site:example.com intitle:"Admin Panel"'

- Dork: inurl:/admin
Example: 'site:example.com inurl:/admin'

- Dork: inurl:administrator

Example: 'site:example.com inurl:administrator'

- Dork: intitle:"Control Panel" "Login"

Example: 'site:example.com intitle:"Control Panel" "Login"'

- Dork: inurl:admin.php | inurl:admin.asp

Example: 'site:example.com inurl:admin.php'

- Dork: inurl:admin-dashboard

Example: 'site:example.com inurl:admin-dashboard'

- Dork: inurl:/admin-login

Example: 'site:example.com inurl:/admin-login'

- Dork: inurl:/manage/admin

Example: 'site:example.com inurl:/manage/admin'

- Dork: inurl:/adminpanel/

Example: 'site:example.com inurl:/adminpanel/'

4. Open Directories

- Dork: intitle:"Index of /"

Example: 'site:example.com intitle:"Index of /"'

- Dork: inurl:/backup/

Example: 'site:example.com inurl:/backup/'

- Dork: inurl:/uploads/

Example: 'site:example.com inurl:/uploads/'

- Dork: intitle:"Index of" + "Parent Directory"

Example: 'site:example.com intitle:"Index of" + "Parent Directory"'

- Dork: inurl:/files/

Example: 'site:example.com inurl:/files/'


- Dork: intitle:"Index of" + "db" + "backup"

Example: 'site:example.com intitle:"Index of" + "db" + "backup"'

- Dork: inurl:/config

Example: 'site:example.com inurl:/config'

- Dork: intitle:"Index of /public/"

Example: 'site:example.com intitle:"Index of /public/"'

- Dork: inurl:/private/backup

Example: 'site:example.com inurl:/private/backup'

- Dork: inurl:/admin/backup/

Example: 'site:example.com inurl:/admin/backup/'

5. Filetypes and Extensions

- Dork: filetype:log inurl:

Example: 'site:example.com filetype:log inurl:'

- Dork: filetype:csv "username,password"

Example: 'filetype:csv "username,password"'

- Dork: filetype:pdf inurl:"confidential"

Example: 'site:example.com filetype:pdf inurl:"confidential"'

- Dork: filetype:xls "password"

Example: 'filetype:xls "password"'

- Dork: filetype:txt "DB_PASSWORD"

Example: 'filetype:txt "DB_PASSWORD"'

- Dork: filetype:php "DB_PASSWORD"

Example: 'filetype:php "DB_PASSWORD"'

- Dork: filetype:xml inurl:config

Example: 'site:example.com filetype:xml inurl:config'

- Dork: filetype:json inurl:"secret"


Example: 'filetype:json inurl:"secret"'

- Dork: filetype:log "root password"

Example: 'filetype:log "root password"'

- Dork: filetype:txt "sensitive data"

Example: 'filetype:txt "sensitive data"'

6. Public APIs

- Dork: "api_key" filetype:json

Example: '"api_key" filetype:json'

- Dork: "Authorization: Bearer" filetype:txt

Example: '"Authorization: Bearer" filetype:txt'

- Dork: "key":"API" site:

Example: 'site:example.com "key":"API"'

- Dork: "API Key" site:

Example: 'site:example.com "API Key"'

- Dork: "access_token" site:

Example: 'site:example.com "access_token"'

- Dork: "auth_token" filetype:json

Example: 'filetype:json "auth_token"'

- Dork: "client_id" "client_secret" site:

Example: 'site:example.com "client_id" "client_secret"'

- Dork: "api_secret" filetype:env

Example: 'filetype:env "api_secret"'

- Dork: "api_url" "API_KEY"

Example: 'site:example.com "api_url" "API_KEY"'

- Dork: "secret key" filetype:env

Example: 'filetype:env "secret key"'

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy