🔍Google Dork Recon
Clean Kali OS
sudo apt update && sudo apt upgrade -y && sudo apt clean && sudo apt autoremove -y && sudo apt autoclean && sudo apt install deborphan && sudo deborphan | xargs sudo apt-get -y remove --purge && rm -rf ~/.local/share/Trash/* && rm -rf ~/.cache/* && sudo journalctl --vacuum-time=3d && echo $(dpkg --list | grep linux-image | awk '{ print $2 }' | sort -V | sed -n '/'`uname -r`'/q;p') $(dpkg --list | grep linux-headers | awk '{ print $2 }' | sort -V | sed -n '/'"$(uname -r | sed "s/\([0-9.-]*\)-\([^0-9]\+\)/\1/")"'/q;p') | xargs sudo apt-get -y purge && sudo updatedb && sudo rm -rf /tmp/* && sudo du -sh /var/* | sort -rh | head -5 && sudo apt install bleachbit && sudo apt install baobab && baobab Fing BB programs and VD Programs
"submit vulnerability report" | "powered by bugcrowd" | "powered by hackerone"site:*/security.txt "bounty"inurl:/bug bounty
inurl:/security
inurl:security.txt
inurl:security "reward"
Bug Bounty program "reward"
inurl:/responsible disclosure
inurl:/responsible-disclosure/ reward
inurl:/responsible-disclosure/ swag
inurl:/responsible-disclosure/ bounty
responsible disclosure "reward" site:com
responsible disclosure hall of fame
"powered by bugcrowd" -site:bugcrowd.com
"submit vulnerability report"
"submit vulnerability report" | "powered by bugcrowd" | "powered by hackerone"
responsible-disclosure hall of fame
inurl:/responsible-disclosure/ swag
inurl:/responsible-disclosure/ reward
inurl:/responsible-disclosure/ bounty
inurl:'/responsible-disclosure' hoodie
responsible-disclosure reward r=h:UK
responsible-disclosure reward r=h:eu
responsible-disclosure reward r=h:nl
responsible-disclosure reward r=h:pk
site:*.*.* inurl:bug inurl:bounty---------------------------------------------------------------
Find Subdomains:
site:*.domain.com -wwwSite:yoursite.com -site:www.yoursite.com---------------------------------------------------------------
Find file Upload:
site:*.tesla.com | site:*.tesla.org & intext:"choose file"site:*.com inurl:"uploadform" site:*.com inurl:"uploadform" filetype:asp ---------------------------------------------------------------
Information Gathering with Metagoofil:
metagoofil -d nasa.gov -t doc,pdf,xls,docx -l 100 -n 50 -o targetdomainfiles -f result.html-------------------------------------------------------------
Find Admin Panel or Directories or the login functionalities:
inurl:login | inurl:signin | intitle:login | intitle:signin site:www.broadcom.comintitle:"Index of /admin" site:yoursitehere.comsite:*.com inurl:/phpmyadmin/index.php?db=Intitle: "login" "admin" site:yoursitehere.cominurl:admin site:yoursitehere.cominurl:login site:yoursitehere.com---------------------------------------------------------------
Search for password directories:
intitle:"Index of /password" site:yoursitehere.comintitle:"Index of /" passwd site:yoursitehere.comintitle:"Index of /" password.txt site:yoursitehere.cominurl:passwd filetype:txt site:yoursitehere.com---------------------------------------------------------------
Finding Sensitive Docs
site:*.broadcom.com -login -signin -signup -register "company name"site:*.ncsc.gov.uk ext:txt | ext:pdf | ext:xml | ext:xls | ext:xlsx | ext:ppt | ext:pptx | ext:doc | ext:docx intext:“confidential” | intext:“Not for Public Release” | intext:”internal use only” | intext:“do not distribute”Finding Sensitive information like credentials and secret key
site:example.com intitle:”index of” “docker-compose.yaml”Finding .env file which contains sensitive creds and information
site:example.com DB_USERNAME filetype:envFinding AWS secret file
site:example.com +intext:”AWSTATS DATA FILE” filetype:txtFinding .env file which contains sensitive creds and information
site:example.com DB_USERNAME filetype:envFinding exposed phpinfo.php files
site:*/phpinfo.php intitle:”phpinfo()”Finding confidential information
filetype:xls site:example.com confidentialSearch Index or Insecure Information:
intitle:"index of /" Parent Directory site:yoursitehere.comSearc for db files containing admin in URL:
inurl:admin filetype:db site:yoursitehere.comSearch for Excel and csv files on target domain:
filetype:xls csv site:yoursitehere.comSearch for mail directories:
intitle:"Index of /mail" site:yoursitehere.comSearch for diffrent extensions:
intitle:"index of ftp" .mdb site:yoursitehere.comSearching for logs on target domain
filetype:log site:yoursitehere.com---------------------------------------------------------------
Search .htaccess File:
ntitle:"Index of /" .htaccess site:yoursitehere.cosite:*.com intext:"Index of /" +.htaccess---------------------------------------------------------------
Find Sensitive Confidential Information Document File:
site:*.com ext:txt | ext:pdf | ext:xml | ext:xls | ext:xlsx | ext:ppt | ext:pptx | ext:doc | ext:docx intext:“confidential” | intext:“Not for Public Release” | intext:”internal use only” | intext:“do not distributesite:*.com filetype:doc | filetype:xlsx | filetype:pdf | filetype:xls | filetype:ppt | filetype:rtf | filetype:pssite:*.com inurl:*.doc | inurl:*.pdf | inurl:*.xls | inurl:*.ppt | inurl:*.rtf | inurl:*.pssite:*.com inurl:/admin filetype:xlsxsite:*.com inurl:/data filetype:xlsx---------------------------------------------------------------
Find Swagger UI:
site:*.com inurl:swagger-ui | inurl:swagger
site:*.com inurl:/swagger/index.html
site:*.com inurl:apidocs | inurl:api-docs | inurl:swagger | inurl:api-explore
inurl:apidocs | inurl:api-docs | inurl:swagger | inurl:api-explorer site:example[.]com---------------------------------------------------------------
Last updated