-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsearch.config
152 lines (152 loc) · 8.28 KB
/
search.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
filetype:pdf | PDF files
filetype:doc | Word documents
filetype:xls | Excel spreadsheets
filetype:txt | Text files
inurl:login.php | Login pages
intitle:"login page" | Pages with 'login page' in title
intext:"username" intext:"password" | Pages containing 'username' and 'password'
inurl:intitle:"index of /" | Directories listing files
inurl:intitle:"index of /backup" | Backup directories
inurl:intitle:"index of /config" | Configuration files
inurl:intitle:"phpinfo()" | PHP configuration details
inurl:intitle:"Welcome to phpMyAdmin" | phpMyAdmin installations
inurl:intitle:"Welcome to OpenSSH" | OpenSSH installations
(inurl:intitle:"Error Occurred" OR intitle:"Server Error") | Pages with error messages
inurl:intext:"MySQL error" | MySQL error messages
inurl:intitle:"Welcome to nginx" | nginx web server installations
inurl:intitle:"Apache2 Ubuntu Default Page" | Default Apache pages on Ubuntu
inurl:intitle:"Index of" intext:"Served by Serv-U" | Serv-U FTP servers
inurl:intitle:"Webcam Live Image" | Webcams broadcasting live images
inurl:intitle:"Network Camera NetworkCamera" | Network cameras
inurl:intitle:"Live View / - AXIS" | AXIS network cameras
intext:"SSN" | Sensitive terms: SSN
intext:"Confidential" | Sensitive terms: Confidential
intext:"Top secret" | Sensitive terms: Top secret
intext:"Secret" | Sensitive terms: Secret
intext:"Internal use only" | Sensitive terms: Internal use only
intext:"Proprietary" | Sensitive terms: Proprietary
intext:"Privileged use" | Sensitive terms: Privileged use
intext:"Not for public distribution" | Sensitive terms: Not for public distribution
filetype:asp | File Types: asp
filetype:aspx | File Types: aspx
filetype:asmx | File Types: asmx
filetype:ashx | File Types: ashx
filetype:ascx | File Types: ascx
filetype:svc | File Types: svc
filetype:shtml | File Types: shtml
filetype:jsp | File Types: jsp
filetype:java | File Types: java
filetype:do | File Types: do
filetype:action | File Types: action
filetype:jspx | File Types: jspx
filetype:jsf | File Types: jsf
filetype:jpf | File Types: jpf
filetype:jnlp | File Types: jnlp
filetype:fcc | File Types: fcc
filetype:nsf | File Types: nsf
filetype:cgi | File Types: cgi
filetype:py | File Types: py
filetype:pl | File Types: pl
filetype:rb | File Types: rb
filetype:exe | File Types: exe
filetype:xml | File Types: xml
filetype:cfg | File Types: cfg
filetype:config | File Types: config
filetype:properties | File Types: properties
filetype:ini | File Types: ini
filetype:sh | File Types: sh
filetype:inc | File Types: inc
filetype:php | File Types: php
filetype:php2 | File Types: php2
filetype:php3 | File Types: php3
filetype:trace.axd | File Types: trace.axd
filetype:elmah.axd | File Types: elmah.axd
intitle:"index of" "parent" | Search parameter for index of parent
filetype:json | File Types: JSON files
filetype:xml | File Types: XML files
filetype:yaml | File Types: YAML files
filetype:txt | File Types: Text files
intitle:"API documentation" | Search parameter for API documentation
intitle:"API reference" | Search parameter for API reference
intitle:"API documentation" filetype:pdf | Search parameter for API documentation in PDF format
intitle:"API reference" filetype:pdf | Search parameter for API reference in PDF format
intext:"REST API" | Search parameter for REST APIs
intext:"SOAP API" | Search parameter for SOAP APIs
intext:"GraphQL API" | Search parameter for GraphQL APIs
intitle:"Swagger UI" | Search parameter for Swagger UI documentation
intitle:"OpenAPI UI" | Search parameter for OpenAPI UI documentation
inurl:/swagger-ui/ | Search parameter for Swagger UI instances
inurl:/openapi-ui/ | Search parameter for OpenAPI UI instances
intitle:"WordPress Version" | Search parameter for WordPress version
intext:"Proudly powered by WordPress" | Search parameter for WordPress-powered websites
inurl:/wp-content/ | Search parameter for WordPress content directory
inurl:/wp-login.php | Search parameter for WordPress login page
inurl:/wp-admin/ | Search parameter for WordPress admin panel
inurl:/wp-config.php | Search parameter for WordPress configuration file
inurl:/wp-content/themes/ | Search parameter for WordPress themes directory
inurl:/wp-content/plugins/ | Search parameter for WordPress plugins directory
inurl:"/wp-json/wp/v2/users" | Wordpress API user directories
intitle:"index.of" intext:"api.txt" | API key files
inurl:"/includes/api/" intext:"index of /" | API Directories
ext:php inurl:"api.php?action=" | XenAPI SQLi
intitle:"index of" api_key OR "api key" OR apiKey -pool | Potential exposed API keys
intext:"© 2010" | Copyright Symbol (©) followed by the year 2010
intext:"© 2011" | Copyright Symbol (©) followed by the year 2011
intext:"© 2012" | Copyright Symbol (©) followed by the year 2012
intext:"© 2013" | Copyright Symbol (©) followed by the year 2013
intext:"© 2014" | Copyright Symbol (©) followed by the year 2014
intext:"© 2015" | Copyright Symbol (©) followed by the year 2015
intext:"© 2016" | Copyright Symbol (©) followed by the year 2016
intext:"© 2017" | Copyright Symbol (©) followed by the year 2017
intext:"© 2018" | Copyright Symbol (©) followed by the year 2018
intext:"© 2019" | Copyright Symbol (©) followed by the year 2019
intext:"© 2020" | Copyright Symbol (©) followed by the year 2020
intext:"copyright" 2010 | Copyright Year: 2010
intext:"copyright" 2011 | Copyright Year: 2011
intext:"copyright" 2012 | Copyright Year: 2012
intext:"copyright" 2013 | Copyright Year: 2013
intext:"copyright" 2014 | Copyright Year: 2014
intext:"copyright" 2015 | Copyright Year: 2015
intext:"copyright" 2016 | Copyright Year: 2016
intext:"copyright" 2017 | Copyright Year: 2017
intext:"copyright" 2018 | Copyright Year: 2018
intext:"copyright" 2019 | Copyright Year: 2019
intext:"copyright" 2020 | Copyright Year: 2020
intitle:"TinyMCE" | Search for pages with "TinyMCE" in the title.
inurl:"/tinymce/" | Search for URLs containing "/tinymce/".
inurl:"/env/" | Search for env in URL
inurl:"/dev/" | Search for dev in URL
inurl:"/staging/" | Search for staging in URL
inurl:"/sandbox/" | Search for sandbox in URL
inurl:"/debug/" | Search for debug in URL
inurl:"/temp/" | Search for temp in URL
inurl:"/internal/" | Search for internal in URL
inurl:"/demo/" | Search for demo in URL
intext:"Powered by TinyMCE" | Search for pages containing the phrase "Powered by TinyMCE" in the text.
filetype:js inurl:"tinymce" | Search for JavaScript files related to TinyMCE.
intitle:"Drupal" | Search for pages with "Drupal" in the title.
inurl:"/drupal/" | Search for URLs containing "/drupal/".
intext:"Powered by Drupal" | Search for pages containing the phrase "Powered by Drupal" in the text.
filetype:module inurl:"/modules/" | Search for Drupal modules within URLs.
intitle:"ColdFusion" | Search for pages with "ColdFusion" in the title.
inurl:"/cfide/" | Search for URLs containing "/cfide/", which is often associated with ColdFusion.
intext:"Powered by ColdFusion" | Search for pages containing the phrase "Powered by ColdFusion" in the text.
filetype:cfm | Search for ColdFusion Markup Language (CFM) files.
filetype:cfc | Search for ColdFusion Components (CFC) files.
inurl:".git" | Search for URLs containing ".git", often associated with Git repositories.
inurl:".circleci" | Search for URLs containing ".circleci", indicating the use of CircleCI for CI/CD.
intitle:"Dashboard [Jenkins]" | Search for Jenkins dashboards by their title.
intitle:"Bamboo Dashboard - Plan" | Search for Bamboo dashboards by their title.
intitle:"GoCD Server Status" | Search for GoCD server status pages by their title.
intitle:"TeamCity - My Projects" | Search for TeamCity project pages by their title.
intitle:"Redis" | Search for pages with "Redis" in the title.
inurl:"/redis/" | Search for URLs containing "/redis/".
intext:"Powered by Redis" | Search for pages containing the phrase "Powered by Redis" in the text.
filetype:conf inurl:"redis.conf" | Search for Redis configuration files.
filetype:dump inurl:"redis.dump" | Search for Redis database dump files.
intitle:"MongoDB" | Search for pages with "MongoDB" in the title.
inurl:"/mongodb/" | Search for URLs containing "/mongodb/".
intext:"Powered by MongoDB" | Search for pages containing the phrase "Powered by MongoDB" in the text.
filetype:json inurl:"mongo.conf" | Search for MongoDB configuration files in JSON format.
filetype:db inurl:"mongo.db" | Search for MongoDB database files.
filetype:zip | Zip files