# Dorks

Here is a list of most used dorks by me

### Usernames & Passwords <a href="#ca07" id="ca07"></a>

```bash
site:example.com intext:"username" intext:"password" -git
site:example.com filetype:txt OR filetype:log "username" OR "password"
site:example.com inurl:admin OR inurl:login OR inurl:portal
site:pastebin.com "password" OR "login" OR "credentials"
```

### Hardcoded Credentials in Configuration Files <a href="#a768" id="a768"></a>

```shellscript
site:example.com filetype:env "DB_PASSWORD=" OR "DB_USER="
site:example.com filetype:json "AWS_ACCESS_KEY_ID=" OR "AWS_SECRET_ACCESS_KEY="
site:example.com filetype:config "password=" OR "apikey="
```

### Exposed SSH Keys & Private Keys <a href="#d2d8" id="d2d8"></a>

```shellscript
site:example.com filetype:pem OR filetype:key "BEGIN RSA PRIVATE KEY"
site:example.com "BEGIN OPENSSH PRIVATE KEY"
```

### Leaked Internal Documents <a href="#id-45d4" id="id-45d4"></a>

```shellscript
site:example.com filetype:pdf OR filetype:doc OR filetype:xls "confidential" OR "internal use only"
site:example.com filetype:xls OR filetype:csv "employee salary" OR "payroll"
site:example.com filetype:docx "restricted" OR "not for public release"
```

### Exposed Source Code Containing Secrets <a href="#id-27c7" id="id-27c7"></a>

```shellscript
site:example.com filetype:php OR filetype:js OR filetype:env "DB_PASSWORD="
site:example.com intitle:"index of" "config.php"
site:github.com "password" OR "api_key" OR "secret_key"
```

### Banking & Credit Card Data <a href="#id-2741" id="id-2741"></a>

```shellscript
site:example.com intext:"credit card number" OR "CVV" OR "Visa" OR "MasterCard"
site:example.com intext:"bank account number" OR "routing number"
site:example.com filetype:xls OR filetype:csv "financial report"
```

### Sensitive Logs & Backup Files <a href="#id-05e6" id="id-05e6"></a>

```shellscript
site:example.com filetype:log OR filetype:txt "error log" OR "debug log"
site:example.com intitle:"index of" "backup"
site:example.com filetype:sql "database dump" OR "backup"
```

### Cloud & API Keys Exposure <a href="#b575" id="b575"></a>

```shellscript
site:example.com filetype:json "google_api_key=" OR "firebase_api_key="
site:github.com "api_key" OR "access_token" OR "client_secret"
```

### Open Directory Listings <a href="#id-585d" id="id-585d"></a>

```shellscript
site:example.com intitle:"index of" "parent directory"
site:example.com intitle:"index of" "private" OR "confidential"
site:example.com intitle:"index of" "backup" OR "database"
```

### Exposed Admin Panels & Dashboards <a href="#id-2634" id="id-2634"></a>

```shellscript
site:example.com inurl:admin OR inurl:dashboard OR inurl:secure
site:example.com "admin panel" OR "restricted access"
```

### Sensitive Emails & Contact Information <a href="#id-4b4f" id="id-4b4f"></a>

```shellscript
site:example.com intext:"internal use only" OR "do not distribute"
site:example.com intext:"classified" OR "sensitive information"
site:example.com "employee email" OR "staff contact"
```

### Exposed `.git` Repositories <a href="#cdfa" id="cdfa"></a>

```shellscript
inurl:"/.git" example.com -github
```

### Backup Files <a href="#f7dc" id="f7dc"></a>

```shellscript
site:example.com ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup
```

### Exposed Documents <a href="#id-2ed6" id="id-2ed6"></a>

```shellscript
site:example.com ext:doc | ext:docx | ext:pdf | ext:xls | ext:xlsx | ext:csv | ext:sql | ext:txt | ext:conf | ext:key | ext:crt | ext:pfx | ext:py | ext:html | ext:sh
```

### Confidential or Internal-Use Documents <a href="#fb72" id="fb72"></a>

```shellscript
inurl:example.com "not for distribution" | confidential | "employee only" | proprietary | "top secret" | internal | private filetype:xls OR filetype:csv OR filetype:pdf
```

### Configuration Files <a href="#id-61e1" id="id-61e1"></a>

```shellscript
site:example.com ext:xml | ext:conf | ext:ini | ext:cfg | ext:env | ext:rdp | ext:reg
```

### &#x20;Database Files <a href="#id-04dc" id="id-04dc"></a>

```shellscript
site:example.com ext:sql | ext:mdb | ext:dbf
```

### Other Sensitive Stuff <a href="#id-614c" id="id-614c"></a>

```shellscript
site:example.com intitle:"index of" | ext:log | ext:swf | inurl:shell | inurl:backdoor | inurl:wso | inurl:cmd | shadow | passwd | boot.ini

```

### SQL Errors <a href="#d3fb" id="d3fb"></a>

```shellscript
site:example.com intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()"
```

### Finding Login Panels <a href="#id-2465" id="id-2465"></a>

```shellscript
site:target.com intext:"login" | intitle:"login" | inurl:"login" | intext:"username" | intitle:"username" | inurl:"username" | intext:"password" | intitle:"password" | inurl:"password"
```

### Finding API docs <a href="#id-24ee" id="id-24ee"></a>

```shellscript
inurl:apidocs | inurl:api-docs | inurl:swagger | inurl:api-explorer site:"target.com"
```

### Finding API Endpoints <a href="#b343" id="b343"></a>

```shellscript
 site:target.com inurl:api | site:*/rest | site:*/v1 | site:*/v2 | site:*/v3
```

### Third party dorking

```shellscript
site:http://ideone.com | site:http://codebeautify.org | site:http://codeshare.io | site:http://codepen.io | site:http://repl.it | site:http://justpaste.it | site:http://pastebin.com | site:http://jsfiddle.net | site:http://trello.com | site:*.atlassian.net | site:bitbucket.org "target.com"
```

### Google slides

```shellscript
site:*.target.com intext:"docs.google.com/presentation/d"
```

### Google docs

```shellscript
site:*.target.com intext:"docs.google.com/document/"
```

### Google Spreadsheets

```shellscript
site:*.target.com intext:"docs.google.com/spreadsheets"
```

### Google Drive

```shellscript
site:*.target.com intext:"drive.google.com/drive/"
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://julichaan.gitbook.io/julichaan-docs/dorks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.