Exposed Configuration Files

Find web.config, wp-config.php, and other configuration files that may expose database credentials.

Intermediate
High risk - authorized use only
files

Google Dork Query:

ext:config | ext:cfg | ext:ini intext:password
0
Not verified

What It Does

This Google dork helps you find web.config, wp-config.php, and other configuration files that may expose database credentials.. It uses advanced search operators to filter results and find specific types of information that might not appear in regular searches.

Common Use Cases

  • Security Research: Identify potential vulnerabilities and misconfigurations in authorized systems
  • OSINT Investigations: Gather publicly available information for research and analysis
  • Bug Bounty Hunting: Discover exposed endpoints and sensitive data in scope targets
  • SEO & Research: Find indexed pages, backlinks, and competitive intelligence

How to Use Safely

  1. Click the "Copy Query" button above
  2. Navigate to google.com in a new tab
  3. Paste the query into Google's search box
  4. Review results carefully - Only interact with authorized systems
  5. Always obtain authorization before security testing

Responsible Use Required

This dork should only be used on systems you own or have explicit authorization to test. Unauthorized access to computer systems is illegal. Always follow ethical guidelines and obtain proper permission before testing.

TAGS

config
credentials
passwords

Related Dorks

Open Directory Listings

Locate servers with directory listing enabled, potentially exposing sensitive files.

SQL Database Dumps

Find accidentally exposed SQL database backup files containing potentially sensitive data.

Exposed Environment Files

Discover .env files that may contain API keys, secrets, and credentials.