SQL Injection Google Dorks

345 dorks available • Updated 2026

SQL injection remains one of the OWASP Top 10 vulnerabilities and is a critical focus for security researchers. Our SQL injection dorks help you identify potential SQLi targets by finding pages with database error messages, vulnerable parameter patterns, and common injection points. Use these dorks responsibly during authorized penetration tests to discover applications that may be susceptible to SQL injection attacks.

Unlock All SQL Injection Dorks

Pro members get unlimited saves, export, and exclusive dorks

Go Pro

35 Premium Dorks in SQL Injection Dorks

Upgrade to Pro for instant access to all premium dorks + unlimited saves and exports.

Save Your Favorite Dorks

Create a free account to save dorks, track your history, and build custom collections.

Vulnerability
beginner

Find index.of Pages

Locates open directory listings exposing network device management interfaces that should be restricted to internal access only.

intitle:index.of cisco asa -site:cisco.com
cisco.com
0
Not verified
Vulnerability
beginner

Google Dork: Remote Supervisor Adapter II"...

Discovers IBM Remote Supervisor Adapter II login interfaces used for server hardware management.

Remote Supervisor Adapter II" inurl:userlogin_logo.ssi
0
Not verified
Vulnerability
beginner

Google Dork: inurl:src/login.php...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

inurl:src/login.php
php
0
Not verified
Vulnerability
beginner

Find "Welcome Pages

Finds exposed Microsoft IIS default and error pages that reveal web server version information and potential misconfigurations.

intitle:"Welcome to IIS 4.0
0
Not verified
Vulnerability
beginner

Google Dork: LANCOM DSL/*-* Office *"...

Finds exposed LANCOM DSL/*-* Office * interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

LANCOM DSL/*-* Office *" "Entry Page
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"sbw2Behoerden.php...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

inurl:"sbw2Behoerden.php
php
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"toplist.php" "powered by phpbb...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

inurl:"toplist.php" "powered by phpbb
php
0
Not verified
Vulnerability
beginner

Find AppServ Open Project * Pages

Finds exposed AppServ installer pages revealing Apache, PHP, and MySQL default installation details.

intitle:"AppServ Open Project *" "AppServ is a merging open source software installer package" -phpbb
php
0
Not verified
Vulnerability
beginner

Find ARI Pages

Locates Asterisk Recording Interface (ARI) Phone System Administrator panels that control VoIP infrastructure.

intitle:ARI "Phone System Administrator
0
Not verified
Vulnerability
beginner

Google Dork: allinurl: id "com_jooget...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

allinurl: id "com_jooget
0
Not verified
Vulnerability
beginner

Google Dork: inurl:/dana-na/auth/...

Finds Juniper/Pulse Secure VPN login portals at their default dana-na authentication path.

inurl:/dana-na/auth/
0
Not verified
Vulnerability
beginner

Google Dork: allintext:"fs-admin.php...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

allintext:"fs-admin.php
php
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"simplenews/admin...

Discovers exposed Simplenews admin interfaces in Drupal installations that may allow unauthorized newsletter management.

inurl:"simplenews/admin
0
Not verified
Vulnerability
beginner

Find index.of Pages

Searches cisco.com for security-relevant resources that may contain vulnerability reports, disclosure policies, or sensitive data.

intitle:index.of ios -site:cisco.com
cisco.com
0
Not verified
Vulnerability
beginner

Google Dork: Cisco PIX Security Appliance...

Finds exposed Cisco PIX Security Appliance version and serial number information from show ver command output.

Cisco PIX Security Appliance Software Version" + "Serial Number" + "show ver" -inurl
0
Not verified
Vulnerability
beginner

Find "SyncThru Pages

Identifies exposed "syncthru that may contain exploitable security weaknesses or misconfigurations.

allintitle:"SyncThru Web Service
0
Not verified
Vulnerability
beginner

Google Dork: inurl:com_img...

Discovers Joomla installations with exposed com_img component that contains known file upload and path traversal vulnerabilities.

inurl:com_img
0
Not verified
Vulnerability
beginner

Google Dork: allinurl:tseekdir.cgi...

Finds exposed Turbo Seek directory listing CGI scripts that allow browsing and searching server file systems.

allinurl:tseekdir.cgi
0
Not verified
Vulnerability
advanced

Google Dork: allintitle: Axis 2.10 OR...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

allintitle: Axis 2.10 OR 2.12 OR 2.30 OR 2.31 OR 2.32 OR 2.33 OR 2.34 OR 2.40 OR 2.42 OR 2.43 "Network Camera
0
Not verified
Vulnerability
beginner

Google Dork: allintitle: EDR1600 login |...

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

allintitle: EDR1600 login | Welcome
0
Not verified
Vulnerability
intermediate

Find XOOPS Site Pages

Finds XOOPS CMS installations running version 2.0.x with the default tagline indicating unmodified deployments.

intitle:"XOOPS Site" intitle:"Just Use it!" | "powered by xoops (2.0)|(2.0.....)
0
Not verified
Vulnerability
beginner

Google Dork: Copyright . Nucleus CMS...

Locates websites running Nucleus CMS v3.22 which may be vulnerable to known exploits in this specific version.

Copyright . Nucleus CMS v3.22 . Valid XHTML 1.0 Strict . Valid CSS . Back to top -demo -"deadly eyes
0
Not verified
Vulnerability
beginner

Google Dork: powered by xmb...

Finds websites powered by XMB forum software that may contain known security vulnerabilities.

powered by xmb
0
Not verified
Vulnerability
beginner

Find "Vsns Pages

Finds websites running Vsns Lemon CMS that may have known security vulnerabilities in the content management system.

Powered by Vsns Lemon" intitle:"Vsns Lemon
0
Not verified
Vulnerability
beginner

Google Dork: allintitle: EDR400 login |...

Identifies exposed allintitle: edr400 login |... that may contain exploitable security weaknesses or misconfigurations.

allintitle: EDR400 login | Welcome
0
Not verified
Vulnerability
beginner

Find X7 Chat Help Center Pages

Finds X7 Chat web application installations that may contain known security vulnerabilities in the chat system.

intitle:"X7 Chat Help Center" | "Powered By X7 Chat" -milw0rm -exploit
0
Not verified
Vulnerability
beginner

Google Dork: inurl:wrcontrollite...

Finds pages with "wrcontrollite" in their URL path that may expose administrative interfaces or sensitive endpoints.

inurl:wrcontrollite
0
Not verified
Vulnerability
beginner

Find "BadBlue: Pages

Finds exposed embedded web server interfaces on hardware devices that may allow configuration changes or firmware updates.

intitle:"BadBlue: the file-sharing web server anyone can use
0
Not verified
Vulnerability
intermediate

Google Dork: allintitle: EverFocus | EDSR...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

allintitle: EverFocus | EDSR | EDSR400 Applet
0
Not verified
Vulnerability
PRO
beginner

Google Dork: inurl:cgi-bin/guestimage.html...

Locates exposed CGI scripts and their associated data files that may contain credentials or allow unauthorized server-side execution.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Google Dork: powered by pppblog v...

Finds websites running pppBlog version 0.3.x which contains known security vulnerabilities in its blogging engine.

powered by pppblog v 0.3.(.)
0
Not verified
Vulnerability
beginner

Google Dork: Powered by PHP-Fusion v6.00.110"...

Finds exposed Powered by PHP-Fusion v6.00.110 interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Powered by PHP-Fusion v6.00.110" | "Powered by PHP-Fusion v6.00.2.." | "Powered by PHP-Fusion v6.00.3.." -v6.00.400 -johnny.ihackstuff
php
0
Not verified
Vulnerability
beginner

Find "Divar Pages

Identifies divar pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intitle:"Divar Web Client
0
Not verified
Vulnerability
beginner

Find Edr1680 Pages

Finds EDR1680 DVR remote viewer interfaces that allow remote access to surveillance recordings.

allintitle:Edr1680 remote viewer
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"php121login.php...

Finds PHP121 chat application login pages that may be vulnerable to SQL injection and authentication bypass.

inurl:"php121login.php
php
0
Not verified
Vulnerability
beginner

Google Dork: Warning: Bad arguments to...

Discovers PHP warning messages from join/implode function errors that reveal application code paths and line numbers.

Warning: Bad arguments to (join|implode) () in" "on line" -help -forum
0
Not verified
Vulnerability
advanced

Find Please login - Forums powered by WWWThreads Pages

Finds WWWThreads forum login pages including direct PHP and Perl login script URLs for forum authentication.

(intitle:"Please login - Forums powered by WWWThreads")|(inurl:"wwwthreads/login.php")|(inurl:"wwwthreads/login.pl?Cat=")
php
0
Not verified
Vulnerability
beginner

Google Dork: Unable to jump to...

Identifies pages with MySQL error messages revealing database query failures that expose table structure information.

Unable to jump to row" "on MySQL result index" "on line
mysql
0
Not verified
Vulnerability
intermediate

Find ("TrackerCam Pages

Finds exposed ("TrackerCam interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:("TrackerCam Live Video")|("TrackerCam Application Login")|("Trackercam Remote") -trackercam.com
0
Not verified
Vulnerability
intermediate

Find Please login - Forums powered by UBB.threads Pages

Locates exposed HP device management interfaces with default configurations that may allow unauthorized device control.

(intitle:"Please login - Forums powered by UBB.threads")|(inurl:login.php "ubb")
php
0
Not verified
Vulnerability
beginner

Google Dork: You have not provided...

Finds exposed survey systems displaying error messages that reveal the application framework and potential entry points.

You have not provided a survey identification num
0
Not verified
Vulnerability
intermediate

Google Dork: inurl:"/slxweb.dll/external?name=(custportal|webticketcust)...

Finds exposed SalesLogix CRM customer portal and support ticket interfaces that may reveal client data.

inurl:"/slxweb.dll/external?name=(custportal|webticketcust)
0
Not verified
Vulnerability
beginner

Find "Employee Pages

Discovers exposed Employee Intranet Login pages that are publicly indexed and may provide access to internal corporate resources.

intitle:"Employee Intranet Login
0
Not verified
Vulnerability
beginner

Find Apache Status Pages

Discovers Apache Server Status pages that expose real-time server performance metrics and active request information.

intitle:"Apache Status" "Apache Server Status for
apache
0
Not verified
Vulnerability
beginner

Google Dork: This script was created...

Finds exposed This script was created interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

This script was created by Php-ZeroNet" "Script . Php-ZeroNet
php
0
Not verified
Vulnerability
intermediate

Find rymo Login Pages

Discovers exposed "rymo Login" interfaces that may reveal security misconfigurations or allow unauthorized administrative access.

(intitle:"rymo Login")|(intext:"Welcome to rymo") -family
0
Not verified
Vulnerability
beginner

Find Uploader - Uploader v6 Pages

Finds exposed Uploader - Uploader v6 interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"Uploader - Uploader v6" -pixloads.com
0
Not verified
Vulnerability
intermediate

Find (EyeSpyFX|OptiCamFX) Pages

Finds exposed EyeSpyFX and OptiCamFX web camera interfaces that allow remote viewing of surveillance streams.

(intitle:(EyeSpyFX|OptiCamFX) "go to camera")|(inurl:servlet/DetectBrowser)
0
Not verified
Vulnerability
advanced

Find MOBOTIX Pages

Discovers publicly accessible internet-connected webcams and cameras that are streaming without proper authentication or access controls.

(intitle:MOBOTIX intitle:PDAS) | (intitle:MOBOTIX intitle:Seiten) | (inurl:/pda/index.html +camera)
0
Not verified
Vulnerability
beginner

Google Dork: powered by php icalendar"...

Locates exposed HP device management interfaces with default configurations that may allow unauthorized device control.

powered by php icalendar" -ihackstuff -exploit
php
0
Not verified
Vulnerability
beginner

Find Flyspray setup Pages

Locates Flyspray 0.9.7 bug tracker installations with exposed setup pages that may allow unauthorized configuration changes.

(intitle:"Flyspray setup"|"powered by flyspray 0.9.7") -flyspray.rocks.cc
0
Not verified
Vulnerability
beginner

Google Dork: intext:"powered by gcards" -ihackstuff...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intext:"powered by gcards" -ihackstuff -exploit
0
Not verified
Vulnerability
advanced

Find index.of. Pages

Finds PhpCollab and NetOffice project management login pages and directory listings exposing collaboration platforms.

PhpCollab . Log In" | "NetOffice . Log In" | (intitle:"index.of." intitle:phpcollab|netoffice inurl:phpcollab|netoffice -gentoo)
php
0
Not verified
Vulnerability
beginner

Google Dork: Warning: Division by zero...

Finds exposed SoftCart e-commerce configuration files that may contain database credentials, payment settings, and store configuration.

Warning: Division by zero in" "on line" -forum
0
Not verified
Vulnerability
intermediate

Google Dork: powered by phplist" |...

Finds websites running phpList mailing list software with public subscription pages that reveal the software version.

powered by phplist" | inurl:"lists/?p=subscribe" | inurl:"lists/index.php?p=subscribe" -ubbi -bugs +phplist -tincan.co.uk
php
0
Not verified
Vulnerability
beginner

Google Dork: 2004-2005 ReloadCMS Team....

Discovers websites using ReloadCMS from the 2004-2005 era that likely contain multiple unpatched security vulnerabilities.

2004-2005 ReloadCMS Team.
0
Not verified
Vulnerability
beginner

Google Dork: powered by guestbook script"...

Finds websites powered by Guestbook Script software that may contain known vulnerabilities in its visitor comment system.

powered by guestbook script" -ihackstuff -exploit
0
Not verified
Vulnerability
beginner

Find "IVC Pages

Discovers exposed IVC Control Panel interfaces used for video surveillance system management.

intitle:"IVC Control Panel
0
Not verified
Vulnerability
beginner

Google Dork: Powered by XHP CMS"...

Finds websites running XHP CMS content management system that may contain known security vulnerabilities.

Powered by XHP CMS" -ihackstuff -exploit -xhp.targetit.ro
0
Not verified
Vulnerability
beginner

Google Dork: intext:"2000-2001 The phpHeaven Team"...

Identifies legacy phpHeaven Team applications from 2000-2001 that likely contain severe unpatched security flaws.

intext:"2000-2001 The phpHeaven Team" -sourceforge
php
0
Not verified
Vulnerability
beginner

Google Dork: Warning: mysql_connect(): Access denied...

Identifies pages exposing MySQL connection error messages that reveal database usernames, hostnames, and connection details.

Warning: mysql_connect(): Access denied for user: '*@*" "on line" -help -forum
mysql
0
Not verified
Vulnerability
beginner

Google Dork: powered by 4images...

Finds exposed powered by 4images interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

powered by 4images
0
Not verified
Vulnerability
beginner

Google Dork: powered by claroline" -demo...

Identifies production Claroline e-learning platforms (excluding demos) that may expose course materials, student data, and admin functions.

powered by claroline" -demo
0
Not verified
Vulnerability
intermediate

Google Dork: ("This Dragonflyâ„¢ installation was"...

Finds exposed ("This Dragonflyâ„¢ installation was interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

("This Dragonflyâ„¢ installation was" | "Thanks for downloading Dragonfly") -inurl:demo -inurl:cpgnuke.com
0
Not verified
Vulnerability
beginner

Google Dork: intext:"Powered by Plogger!" -plogger.org...

Finds Plogger photo gallery installations with exposed gallery management and image browsing interfaces.

intext:"Powered by Plogger!" -plogger.org -ihackstuff -exploit
0
Not verified
Vulnerability
advanced

Google Dork: inurl:"vsadmin/login" | inurl:"vsadmin/admin" inurl:.php|.asp...

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

inurl:"vsadmin/login" | inurl:"vsadmin/admin" inurl:.php|.asp -"Response.Buffer = True" -javascript
phpjava
0
Not verified
Vulnerability
beginner

Find Skystream Networks Edge Media Router Pages

Discovers exposed "Skystream Networks Edge Media Router" interfaces that may reveal security misconfigurations or allow unauthorized administrative access.

intitle:"Skystream Networks Edge Media Router" -securitytracker.com
0
Not verified
Vulnerability
beginner

Find "GigaDrive Pages

Identifies exposed "gigadrive that may contain exploitable security weaknesses or misconfigurations.

intitle:"GigaDrive Utility
0
Not verified
Vulnerability
intermediate

Find LOGREP - Log file reporting system Pages

Finds exposed LOGREP log file reporting system interfaces that reveal application logs and system events.

intitle:"LOGREP - Log file reporting system" -site:itefix.no
itefix.no
0
Not verified
Vulnerability
beginner

Google Dork: Powered by Loudblog...

Identifies websites running Loudblog CMS which may contain known vulnerabilities in unpatched versions.

Powered by Loudblog
0
Not verified
Vulnerability
beginner

Google Dork: This website engine code...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

This website engine code is copyright" "2005 by Clever Copy" -inurl:demo
0
Not verified
Vulnerability
beginner

Find NAS Pages

Identifies NAS (Network Attached Storage) interfaces that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intitle:"NAS" inurl:indexeng.html
0
Not verified
Vulnerability
beginner

Google Dork: powered by runcms" -runcms.com...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

powered by runcms" -runcms.com -runcms.org
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"calendarscript/users.txt...

Locates exposed CalendarScript user data files that may contain usernames and authentication information.

inurl:"calendarscript/users.txt
0
Not verified
Vulnerability
beginner

Google Dork: Thank You for using...

Finds websites running WPCeasy content management system that may have security vulnerabilities in its framework.

Thank You for using WPCeasy
0
Not verified
Vulnerability
beginner

Google Dork: OK logout" inurl:vb.htm?logout=1...

Locates exposed device interfaces using vb.htm logout pages, indicating accessible embedded system web panels.

OK logout" inurl:vb.htm?logout=1
0
Not verified
Vulnerability
intermediate

Find Login to @Mail Pages

Discovers exposed PL files that may contain sensitive or proprietary information.

intitle:"Login to @Mail" (ext:pl | inurl:"index") -dwaffleman
pl
0
Not verified
Vulnerability
intermediate

Find "Ethernet Pages

Identifies ethernet pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intitle:"Ethernet Network Attached Storage Utility
0
Not verified
Vulnerability
beginner

Find "Edr1680 Pages

Finds exposed Edr1680 interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"Edr1680 remote viewer
0
Not verified
Vulnerability
beginner

Find DVR Client Pages

Finds exposed DVR Client interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"DVR Client" -the -free -pdf -downloads -blog -download -dvrtop
0
Not verified
Vulnerability
PRO
beginner

Google Dork: Web-Based Management" "Please input...

Finds web-based management interfaces prompting for password login that may use default or weak credentials.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Find EZPartner Pages

Finds exposed EZPartner interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"EZPartner" -netpond
0
Not verified
Vulnerability
intermediate

Find RemotelyAnywhere Pages

Discovers RemotelyAnywhere remote desktop management interfaces on port 2000 that provide full system access through a web browser.

inurl:2000 intitle:RemotelyAnywhere -site:realvnc.comg
realvnc.comg
0
Not verified
Vulnerability
beginner

Google Dork: powered by sblog" +"version...

Finds exposed powered by sblog" +"version interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

powered by sblog" +"version 0.7
0
Not verified
Vulnerability
intermediate

Find Horde :: My Portal Pages

Finds exposed Horde :: My Portal interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"Horde :: My Portal" -"[Tickets
0
Not verified
Vulnerability
beginner

Google Dork: Powered by Simplog...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

Powered by Simplog
0
Not verified
Vulnerability
beginner

Find GTchat Pages

Discovers publicly indexed browser bookmark files (bookmarks.html) that reveal users' saved websites, interests, and browsing patterns.

inurl:install.pl intitle:GTchat
0
Not verified
Vulnerability
beginner

Find "::::: Pages

Searches for specific web resources and pages that may expose misconfigured services or sensitive data based on this search pattern.

intitle:"::::: INTELLINET IP Camera Homepage :::::
0
Not verified
Vulnerability
beginner

Google Dork: inurl:build.err...

Finds exposed build error log files that reveal source code paths, compiler details, and software build configurations.

inurl:build.err
0
Not verified
Vulnerability
beginner

Google Dork: Powered by Midmart Messageboard"...

Finds exposed Powered by Midmart Messageboard interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Powered by Midmart Messageboard" "Administrator Login
0
Not verified
Vulnerability
beginner

Google Dork: inurl:rpSys.html...

Finds exposed Ricoh/Savin printer system report pages that reveal device configuration, network settings, and firmware versions.

inurl:rpSys.html
0
Not verified
Vulnerability
beginner

Find AR-* Pages

Finds web pages containing "AR-*" that may indicate exposed services or sensitive information.

intitle:"AR-*" "browser of frame dealing is necessary
0
Not verified
Vulnerability
beginner

Find Ovislink Pages

Discovers Ovislink router login pages at their default private/login path that may accept default manufacturer credentials.

intitle:Ovislink inurl:private/login
0
Not verified
Vulnerability
PRO
intermediate

Find SQL Files

Finds exposed SQL dump files containing INSERT statements with password fields that may reveal plaintext or hashed user credentials.

Upgrade to Pro to view
sql
0
Not verified
Vulnerability
PRO
beginner

Google Dork: Please re-enter your password...

Finds password confirmation pages where users are asked to re-enter credentials, indicating active authentication forms.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Google Dork: inurl:/img/vr.htm...

Discovers network cameras exposing their virtual reality viewer interface at the default /img/vr.htm path without authentication.

inurl:/img/vr.htm
0
Not verified
Vulnerability
beginner

Find Axis Pages

Finds Axis network camera administration panels at their default admin.shtml path that may allow unauthorized configuration changes.

intitle:Axis inurl:"/admin/admin.shtml
0
Not verified
Vulnerability
intermediate

Find login Pages

Searches johnny.ihackstuff.com for security-relevant resources that may contain vulnerability reports, disclosure policies, or sensitive data.

bp blog admin" intitle:login | intitle:admin -site:johnny.ihackstuff.com
johnny.ihackstuff.com
0
Not verified
Vulnerability
beginner

Google Dork: inurl:ovcgi/jovw...

Finds exposed HP OpenView network management CGI interfaces used for monitoring enterprise IT infrastructure.

inurl:ovcgi/jovw
0
Not verified
Vulnerability
beginner

Find "phpDocumentor Pages

Identifies phpdocumentor pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intitle:"phpDocumentor web interface
php
0
Not verified
Vulnerability
advanced

Find Miva Merchant Administration Login Pages

Finds exposed Miva Merchant Administration Login interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

inurl:/Merchant2/admin.mv | inurl:/Merchant2/admin.mvc | intitle:"Miva Merchant Administration Login" -inurl:cheap-malboro.net
0
Not verified
Vulnerability
advanced

Find b2evo > Login form Pages

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

intitle:"b2evo > Login form" "Login form. You must log in! You will have to accept cookies in order to log in" -demo -site:b2evolution.net
b2evolution.net
0
Not verified
Vulnerability
beginner

Google Dork: DCS inurl:"/web/login.asp...

Finds pages with "/web/login.asp" in their URL path that may expose administrative interfaces or sensitive endpoints.

DCS inurl:"/web/login.asp
0
Not verified
Vulnerability
beginner

Find Admin login Pages

Finds exposed Admin login interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"Admin login" "Web Site Administration" "Copyright
0
Not verified
Vulnerability
beginner

Google Dork: Site powered By Limbo...

Finds exposed Site powered By Limbo interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Site powered By Limbo CMS
0
Not verified
Vulnerability
beginner

Google Dork: intext:"Powered by DEV web...

Finds websites running DEV Web Management System that may contain security vulnerabilities in the admin interface.

intext:"Powered by DEV web management system" -dev-wms.sourceforge.net -demo
0
Not verified
Vulnerability
beginner

Google Dork: inurl:/cgi-bin/pass.txt...

Locates exposed password text files in CGI-BIN directories that may contain plaintext credentials for web applications.

inurl:/cgi-bin/pass.txt
0
Not verified
Vulnerability
beginner

Google Dork: Emergisoft web applications are...

Identifies exposed emergisoft web applications are... that may contain exploitable security weaknesses or misconfigurations.

Emergisoft web applications are a part of our
0
Not verified
Vulnerability
beginner

Google Dork: inurl:Printers/ipp_0001.asp...

Finds pages with "Printers/ipp_0001.asp" in their URL path that may expose administrative interfaces or sensitive endpoints.

inurl:Printers/ipp_0001.asp
0
Not verified
Vulnerability
beginner

Find Dell Laser Printer * Pages

Finds network device pages exposing port_0 configuration and status information.

intitle:"Dell Laser Printer *" port_0 -johnny.ihackstuff
0
Not verified
Vulnerability
beginner

Find "Welcome Pages

Discovers F-Secure product welcome pages that reveal security software deployments and version information.

intitle:"Welcome to F-Secure Policy Manager Server Welcome Page
0
Not verified
Vulnerability
beginner

Google Dork: This website was created...

Identifies websites running phpWebThings 1.4 CMS which contains known SQL injection and cross-site scripting vulnerabilities.

This website was created with phpWebThings 1.4
php
0
Not verified
Vulnerability
advanced

Find Cisco Pages

Locates cisco pages exposing network device management interfaces that should be restricted to internal access only.

intitle:Cisco "You are using an old browser or have disabled javascript. You must use version 4 or higher of Netscape Navigator/Communicator
java
0
Not verified
Vulnerability
beginner

Google Dork: Copyright 2000 - 2005...

Identifies exposed copyright 2000 - 2005... that may contain exploitable security weaknesses or misconfigurations.

Copyright 2000 - 2005 Miro International Pty Ltd. All rights reserved" "Mambo is Free Software released
0
Not verified
Vulnerability
intermediate

Find Data Frame - Browser not HTTP 1.1 compatible Pages

Identifies pages revealing secure connection establishment errors that expose internal network architecture details.

Establishing a secure Integrated Lights Out session with" OR intitle:"Data Frame - Browser not HTTP 1.1 compatible" OR intitle:"HP Integrated Lights-
0
Not verified
Vulnerability
beginner

Google Dork: Powered by UPB" (b...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

Powered by UPB" (b 1.0)|(1.0 final)|(Public Beta 1.0b)
0
Not verified
Vulnerability
intermediate

Find Summit Management Interface Pages

Finds exposed Summit network switch management interfaces revealing network equipment configuration pages.

intitle:"Summit Management Interface" -georgewbush.org.uk
0
Not verified
Vulnerability
beginner

Google Dork: Powered by Xaraya" "Copyright...

Finds exposed Powered by Xaraya" "Copyright interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Powered by Xaraya" "Copyright 2005
0
Not verified
Vulnerability
advanced

Find *- HP WBEM Login Pages

Locates HP WBEM (Web-Based Enterprise Management) login pages that provide access to server management functions.

intitle:"*- HP WBEM Login" | "You are being prompted to provide login account information for *" | "Please provide the information requested and press
0
Not verified
Vulnerability
intermediate

Google Dork: inurl:nnls_brand.html OR inurl:nnls_nav.html...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

inurl:nnls_brand.html OR inurl:nnls_nav.html
0
Not verified
Vulnerability
intermediate

Google Dork: ("Skin Design by Amie...

Identifies exposed ("skin design by amie... that may contain exploitable security weaknesses or misconfigurations.

("Skin Design by Amie of Intense")|("Fanfiction Categories" "Featured Stories")|("default2, 3column, Romance, eFiction")
0
Not verified
Vulnerability
beginner

Find Iomega NAS Manager Pages

Discovers exposed Iomega NAS Manager interfaces that provide administrative access to network-attached storage devices and their contents.

intitle:"Iomega NAS Manager" -ihackstuff.com
0
Not verified
Vulnerability
beginner

Find EXTRANET login Pages

Finds exposed EXTRANET login interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"EXTRANET login" -.edu -.mil -.gov -johnny.ihackstuff
0
Not verified
Vulnerability
advanced

Find SNOIE Intel Web Netport Manager Pages

Finds exposed Intel Web Netport Manager setup and status interfaces used for managing Intel-based network infrastructure.

intitle:"SNOIE Intel Web Netport Manager" OR intitle:"Intel Web Netport Manager Setup/Status
0
Not verified
Vulnerability
beginner

Google Dork: Based on DoceboLMS 2.0...

Locates exposed learning management system installations (DoceboLMS) with identifiable version information for vulnerability assessment.

Based on DoceboLMS 2.0
0
Not verified
Vulnerability
beginner

Google Dork: This website powered by...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

This website powered by PHPX" -demo
php
0
Not verified
Vulnerability
intermediate

Find Sony SNT-V304 Video Network Station Pages

Finds exposed Sony SNT-V304 Video Network Station web interfaces used for IP video surveillance management.

intitle:"Sony SNT-V304 Video Network Station" inurl:hsrindex.shtml
0
Not verified
Vulnerability
intermediate

Find urchin (5|3|admin) Pages

Discovers exposed CGI files that may contain sensitive or proprietary information.

intitle:"urchin (5|3|admin)" ext:cgi
cgi
0
Not verified
Vulnerability
beginner

Find Netcam Pages

Discovers publicly accessible webcam interfaces that may be streaming live feeds without authentication.

intitle:"Netcam" intitle:"user login
0
Not verified
Vulnerability
beginner

Google Dork: Warning:" "SAFE MODE Restriction...

Finds PHP safe mode restriction error messages that reveal file ownership details and script paths on web servers.

Warning:" "SAFE MODE Restriction in effect." "The script whose uid is" "is not allowed to access owned by uid 0 in" "on line
0
Not verified
Vulnerability
beginner

Google Dork: Powered by Woltlab Burning...

Finds websites running outdated Woltlab Burning Board forum versions prior to 2.3.2 with known security vulnerabilities.

Powered by Woltlab Burning Board" -"2.3.3" -"v2.3.3" -"v2.3.2" -"2.3.2
0
Not verified
Vulnerability
beginner

Find "EXTRANET Pages

Finds exposed corporate extranet identification and login pages that provide access to internal business systems.

intitle:"EXTRANET * - Identification
0
Not verified
Vulnerability
intermediate

Google Dork: ("port_255/home")|(inurl:"home?port=255")...

Finds exposed network device management pages accessible at port 255 URLs indicating misconfigured infrastructure devices.

("port_255/home")|(inurl:"home?port=255")
0
Not verified
Vulnerability
advanced

Google Dork: inurl:course/category.php | inurl:course/info.php |...

Locates exposed HP device management interfaces with default configurations that may allow unauthorized device control.

inurl:course/category.php | inurl:course/info.php | inurl:iplookup/ipatlas/plot.php
php
0
Not verified
Vulnerability
intermediate

Find Login to the forums - @www.aimoo.com Pages

Discovers exposed "Login to the forums - @www.aimoo.com" interfaces that may reveal security misconfigurations or allow unauthorized administrative access.

intitle:"Login to the forums - @www.aimoo.com" inurl:login.cfm?id=
0
Not verified
Vulnerability
beginner

Google Dork: inurl:login.jsp.bak...

Discovers backup copies of JSP login pages that may contain hardcoded credentials or authentication logic.

inurl:login.jsp.bak
0
Not verified
Vulnerability
beginner

Google Dork: inurl:polly/CP...

Discovers exposed Polly content management control panels that may allow unauthorized access to website administration functions.

inurl:polly/CP
0
Not verified
Vulnerability
beginner

Google Dork: Powered by XOOPS 2.2.3...

Finds websites powered by XOOPS 2.2.3 Final which contains known security vulnerabilities that were patched in later versions.

Powered by XOOPS 2.2.3 Final
0
Not verified
Vulnerability
advanced

Find IQeye302 | IQeye303 | IQeye601 | IQeye602 | IQeye603 Pages

Finds exposed IQeye302 | IQeye303 | IQeye601 | IQeye602 | IQeye603 interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"IQeye302 | IQeye303 | IQeye601 | IQeye602 | IQeye603" intitle:"Live Images
0
Not verified
Vulnerability
beginner

Google Dork: CosmoShop by Zaunz Publishing"...

Finds CosmoShop e-commerce installations using the Zaunz Publishing CGI scripts that may expose shopping cart vulnerabilities.

CosmoShop by Zaunz Publishing" inurl:"cgi-bin/cosmoshop/lshop.cgi" -johnny.ihackstuff.com -V8.10.106 -V8.10.100 -V.8.10.85 -V8.10.108 -V8.11*
0
Not verified
Vulnerability
beginner

Find Folder Listing Pages

Discovers exposed "Folder Listing" interfaces that may reveal security misconfigurations or allow unauthorized administrative access.

intitle:"Folder Listing" "Folder Listing" Name Size Date/Time File Folder
0
Not verified
Vulnerability
beginner

Find Biromsoft WebCam Pages

Discovers publicly accessible webcam interfaces that may be streaming live feeds without authentication.

intitle:"Biromsoft WebCam" -4.0 -serial -ask -crack -software -a -the -build -download -v4 -3.01 -numrange:1-10000
0
Not verified
Vulnerability
beginner

Find Bookmarks Pages

Finds pages with "bookmarks.html" in their URL path that may expose administrative interfaces or sensitive endpoints.

intitle:Bookmarks inurl:bookmarks.html "Bookmarks
0
Not verified
Vulnerability
advanced

Find Orite IC301 Pages

Discovers publicly accessible internet-connected webcams and cameras that are streaming without proper authentication or access controls.

intitle:"Orite IC301" | intitle:"ORITE Audio IP-Camera IC-301" -the -a
0
Not verified
Vulnerability
beginner

Find WEB//NEWS Personal Newsmanagement Pages

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

intitle:"WEB//NEWS Personal Newsmanagement" intext:"© 2002-2004 by Christian Scheb - Stylemotion.de"+"Version 1.4 "+"Login
0
Not verified
Vulnerability
beginner

Google Dork: You have requested to...

Identifies exposed you have requested to... that may contain exploitable security weaknesses or misconfigurations.

You have requested to access the management functions" -.edu
0
Not verified
Vulnerability
beginner

Google Dork: Welcome to Administration" "General"...

Finds exposed mail server administration panels revealing SMTP authentication and domain configuration settings.

Welcome to Administration" "General" "Local Domains" "SMTP Authentication" inurl:admin
0
Not verified
Vulnerability
advanced

Find web-cyradm Pages

Finds exposed web-cyradm interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"web-cyradm"|"by Luc de Louw" "This is only for authorized users" -tar.gz -site:web-cyradm.org -johnny.ihackstuff
web-cyradm.org
0
Not verified
Vulnerability
beginner

Find i-secure v1.1 Pages

Locates exposed i-Secure v1.1 security monitoring interfaces that may provide access to alarm and surveillance systems.

intitle:"i-secure v1.1" -edu
0
Not verified
Vulnerability
beginner

Google Dork: inurl:csCreatePro.cgi...

Finds exposed csCreatePro CGI form builder interfaces that could allow unauthorized form creation and data access.

inurl:csCreatePro.cgi
0
Not verified
Vulnerability
beginner

Find rapidshare Pages

Discovers exposed LOGIN files that may contain sensitive or proprietary information.

intitle:rapidshare intext:login
loginapi
0
Not verified
Vulnerability
advanced

Find phpLDAPadmin Pages

Discovers phpLDAPadmin installations (v0.9.6/0.9.7) that provide web-based LDAP directory management access.

phpLDAPadmin intitle:phpLDAPadmin filetype:php inurl:tree.php | inurl:login.php | inurl:donate.php (0.9.6 | 0.9.7)
php
0
Not verified
Vulnerability
beginner

Google Dork: Please authenticate yourself to...

Finds exposed Please authenticate yourself to interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Please authenticate yourself to get access to the management interface
0
Not verified
Vulnerability
PRO
intermediate

Google Dork: intext:"Master Account" "Domain Name"...

Discovers exposed qmailadmin CGI interfaces showing Master Account credentials including domain names and passwords for mail server management.

Upgrade to Pro to view
0
Not verified
Vulnerability
PRO
intermediate

Find Content Management System Pages

Discovers exposed "Content Management System" interfaces that may reveal security misconfigurations or allow unauthorized administrative access.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Find guestbook Pages

Finds websites running Advanced Guestbook 2.x which contains known SQL injection and XSS vulnerabilities in unpatched versions.

intitle:guestbook inurl:guestbook "powered by Advanced guestbook 2.*" "Sign the Guestbook
0
Not verified
Vulnerability
beginner

Google Dork: inurl:chitchat.php "choose graphic...

Locates exposed HP device management interfaces with default configurations that may allow unauthorized device control.

inurl:chitchat.php "choose graphic
php
0
Not verified
Vulnerability
beginner

Google Dork: Powered by GTChat 0.95"+"User...

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

Powered by GTChat 0.95"+"User Login"+"Remember my login information
0
Not verified
Vulnerability
beginner

Google Dork: powered by Gallery v"...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

powered by Gallery v" "[slideshow]"|"images" inurl:gallery
0
Not verified
Vulnerability
PRO
intermediate

Google Dork: you can now password"...

Finds exposed IMChaos social platform pages revealing user profiles with password information visible to profile visitors.

Upgrade to Pro to view
0
Not verified
Vulnerability
intermediate

Find Live View / - AXIS Pages

Finds exposed Live View / - AXIS interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

tilt intitle:"Live View / - AXIS" | inurl:view/view.shtml
0
Not verified
Vulnerability
beginner

Find MyShell Pages

Finds exposed MyShell interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:MyShell 1.1.0 build 20010923
0
Not verified
Vulnerability
beginner

Find login Pages

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

HostingAccelerator" intitle:"login" +"Username" -"news" -demo
0
Not verified
Vulnerability
beginner

Find GCC WebAdmin Pages

Discovers exposed GCC WebAdmin panels that provide web-based administration access to GNU Compiler Collection build infrastructure.

intitle:"GCC WebAdmin" -gcc.ru
0
Not verified
Vulnerability
beginner

Find Dell Laser Printer M5200 Pages

Discovers exposed Dell server management interfaces including iDRAC and remote access controllers used for hardware management.

intitle:"Dell Laser Printer M5200" port_0
0
Not verified
Vulnerability
advanced

Find Member Login Pages

Finds member login pages requiring cookies that use PHP or CGI backends which may be vulnerable to authentication bypass.

intitle:"Member Login" "NOTE: Your browser must have cookies enabled in order to log into the site." ext:php OR ext:cgi
phpcgi
0
Not verified
Vulnerability
beginner

Find "AlternC Pages

Finds AlternC Desktop hosting control panel login pages that manage web hosting accounts and services.

intitle:"AlternC Desktop
0
Not verified
Vulnerability
beginner

Google Dork: inurl:textpattern/index.php...

Finds pages with "textpattern/index.php" in their URL path that may expose administrative interfaces or sensitive endpoints.

inurl:textpattern/index.php
php
0
Not verified
Vulnerability
advanced

Find com | net | shop Pages

Locates exposed HP device management interfaces with default configurations that may allow unauthorized device control.

intitle:iDVR -intitle:"com | net | shop" -inurl:"asp | htm | pdf | html | php | shtml | com | at | cgi | tv
php
0
Not verified
Vulnerability
intermediate

Google Dork: This section is for...

Discovers administrator-only sections that are publicly indexed, potentially exposing admin functionality.

This section is for Administrators only. If you are an administrator then please
0
Not verified
Vulnerability
beginner

Find login Pages

Finds web pages containing " intitle:" that may indicate exposed services or sensitive information.

inspanel" intitle:"login" -"cannot" "Login ID" -site:inspediumsoft.com
inspediumsoft.com
0
Not verified
Vulnerability
beginner

Find admin panel Pages

Finds admin panels powered by RedKernel CMS that may be accessible with default credentials or known exploits.

intitle:"admin panel" +"Powered by RedKernel
0
Not verified
Vulnerability
intermediate

Find %22Network+Storage+Link+for+USB+2.0+Disks%22+Firmware#=100&hl=en&lr=&c2coff=1&safe=off&filter=0

Finds exposed %22Network+Storage+Link+for+USB+2.0+Disks%22+Firmware#=100&hl=en&lr=&c2coff=1&safe=off&filter=0 interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

http://www.google.com/search?q=intitle:%22Network+Storage+Link+for+USB+2.0+Disks%22+Firmware#=100&hl=en&lr=&c2coff=1&safe=off&filter=0
0
Not verified
Vulnerability
PRO
beginner

Find phpinfo() Pages

Finds exposed phpinfo() pages revealing MySQL default passwords, PHP configuration, and Zend engine details.

Upgrade to Pro to view
mysqlphp
0
Not verified
Vulnerability
beginner

Find "Microsoft Pages

Finds exposed Microsoft Software Update Services (SUS) admin consoles used to manage Windows patch distribution.

inurl:/SUSAdmin intitle:"Microsoft Software Update Services
0
Not verified
Vulnerability
beginner

Google Dork: inurl:exchweb/bin/auth/owalogon.asp...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

inurl:exchweb/bin/auth/owalogon.asp
0
Not verified
Vulnerability
beginner

Find "PacketShaper Pages

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

intitle:"PacketShaper Customer Login
0
Not verified
Vulnerability
intermediate

Find PacketShaper Login Pages

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

( intitle:"PacketShaper Login")|(intitle:"PacketShaper Customer Login")
0
Not verified
Vulnerability
beginner

Find "InterJak Pages

Finds exposed InterJak interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"InterJak Web Manager
0
Not verified
Vulnerability
beginner

Google Dork: inurl:Citrix/MetaFrame/default/default.aspx...

Discovers exposed Citrix MetaFrame and XenApp login portals that provide remote application access to enterprise environments.

inurl:Citrix/MetaFrame/default/default.aspx
0
Not verified
Vulnerability
beginner

Find "Welcome Pages

Discovers exposed 602LAN SUITE network server management interfaces used for email, web, and FTP services.

intitle:"Welcome to 602LAN SUITE *
0
Not verified
Vulnerability
beginner

Find Netopia Router (*.) Pages

Finds exposed Netopia Router (*.) interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"Netopia Router (*.)""to view this site
0
Not verified
Vulnerability
PRO
beginner

Google Dork: inurl:server.cfg rcon password...

Finds exposed game server configuration files containing RCON passwords used for remote server administration.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Google Dork: To view the Web...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

To view the Web interface of the SpeedTouch, Java
java
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"CgiStart?page=...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

inurl:"CgiStart?page=
0
Not verified
Vulnerability
beginner

Google Dork: inurl::2082/frontend -demo...

Locates cPanel frontend login pages on port 2082 that may be vulnerable to brute force attacks.

inurl::2082/frontend -demo
0
Not verified
Vulnerability
intermediate

Find SSHVnc Applet Pages

Locates exposed SSHVnc Applet pages that provide browser-based SSH and VNC access to remote systems.

intitle:"SSHVnc Applet"OR intitle:"SSHTerm Applet
0
Not verified
Vulnerability
intermediate

Find Dell * Pages

Discovers exposed Dell server management interfaces including iDRAC and remote access controllers used for hardware management.

intitle:"Dell *" inurl:port_0
0
Not verified
Vulnerability
beginner

Find "inc. Pages

Searches for specific web resources and pages that may expose misconfigured services or sensitive data based on this search pattern.

intitle:"inc. vpn 3000 concentrator
0
Not verified
Vulnerability
beginner

Find site administration: please log in Pages

Finds eMarketSouth-designed website administration login pages revealing the CMS platform and administrator access points.

intitle:"site administration: please log in" "site designed by emarketsouth
0
Not verified
Vulnerability
beginner

Find Document title goes here Pages

Finds document title goes here pages revealing default installations that have not been properly configured or secured after deployment.

intitle:"Document title goes here" intitle:"used by web search tools" " example of a simple Home Page
0
Not verified
Vulnerability
beginner

Google Dork: inurl:cgi-bin inurl:bigate.cgi...

Locates exposed CGI scripts and their associated data files that may contain credentials or allow unauthorized server-side execution.

inurl:cgi-bin inurl:bigate.cgi
0
Not verified
Vulnerability
beginner

Google Dork: [SQL Server Driver][SQL Server]Line...

Finds exposed [SQL Server Driver][SQL Server]Line interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

[SQL Server Driver][SQL Server]Line 1: Incorrect syntax near" -forum -thread -showthread
0
Not verified
Vulnerability
beginner

Find "Welcome Pages

Discovers default WebSTAR Home Page installations indicating freshly deployed or unconfigured web servers.

intitle:"Welcome To Your WebSTAR Home Page
0
Not verified
Vulnerability
beginner

Google Dork: intext:"vbulletin" inurl:admincp...

Finds web pages and resources containing "vbulletin" that may reveal exposed services, configurations, or sensitive information.

intext:"vbulletin" inurl:admincp
0
Not verified
Vulnerability
beginner

Find "Welcome Pages

Finds exposed Windows Small Business Server 2003 welcome pages indicating outdated and unsupported server installations.

intitle:"Welcome to Windows Small Business Server 2003
0
Not verified
Vulnerability
beginner

Google Dork: inurl:JPGLogin.htm...

Finds pages with "JPGLogin.htm" in their URL path that may expose administrative interfaces or sensitive endpoints.

inurl:JPGLogin.htm
0
Not verified
Vulnerability
intermediate

Find ERROR: The requested URL could not be retrieved Pages

Finds Squid proxy error pages that expose proxy server configurations and internal network details.

intitle:"ERROR: The requested URL could not be retrieved" "While trying to retrieve the URL" "The following error was encountered:
0
Not verified
Vulnerability
beginner

Find SuSE Linux Openexchange Server Pages

Finds exposed SuSE Linux server interfaces and management portals that reveal operating system details and service configurations.

intitle:"SuSE Linux Openexchange Server" "Please activate JavaScript!
java
0
Not verified
Vulnerability
beginner

Find OfficeConnect Wireless 11g Access Point Pages

Identifies officeconnect wireless 11g access point pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intitle:"OfficeConnect Wireless 11g Access Point" "Checking your browser
0
Not verified
Vulnerability
beginner

Google Dork: Webthru User Login...

Locates Webthru device login pages that provide web-based access to network-connected equipment.

Webthru User Login
0
Not verified
Vulnerability
beginner

Find "active Pages

Finds exposed active interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"active webcam page
0
Not verified
Vulnerability
beginner

Find "Home Pages

Finds web pages containing " intitle:" that may indicate exposed services or sensitive information.

display printer status" intitle:"Home
0
Not verified
Vulnerability
advanced

Find Flash Operator Panel Pages

Discovers exposed PHP files that may contain sensitive or proprietary information.

intitle:"Flash Operator Panel" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists
php
0
Not verified
Vulnerability
beginner

Find jdewshlp Pages

Finds exposed default "jdewshlp" welcome pages for the Embedded Web Server! installations that reveal software versions and indicate unconfigured deployments.

intitle:jdewshlp "Welcome to the Embedded Web Server!
0
Not verified
Vulnerability
intermediate

Find Lexmark * Pages

Finds network device pages exposing port_0 configuration and status information.

intitle:"Lexmark *" inurl:port_0
0
Not verified
Vulnerability
beginner

Find asterisk.management.portal Pages

Finds exposed Asterisk PBX management portal web interfaces used for VoIP phone system administration.

intitle:asterisk.management.portal web-access
0
Not verified
Vulnerability
beginner

Google Dork: inurl:/en/help.cgi "ID=*...

Locates exposed CGI scripts and their associated data files that may contain credentials or allow unauthorized server-side execution.

inurl:/en/help.cgi "ID=*
0
Not verified
Vulnerability
beginner

Find ListMail Login Pages

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

intitle:"ListMail Login" admin -demo
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"suse/login.pl...

Finds exposed SuSE Linux server interfaces and management portals that reveal operating system details and service configurations.

inurl:"suse/login.pl
0
Not verified
Vulnerability
PRO
intermediate

Find control panel Pages

Finds exposed CGI-based control panels with password prompts that indicate accessible administrative interfaces.

Upgrade to Pro to view
cgi
0
Not verified
Vulnerability
beginner

Find "Service Pages

Finds exposed Service Managed Gateway login pages used for network gateway administration and management.

intitle:"Service Managed Gateway Login
0
Not verified
Vulnerability
beginner

Find Linksys Pages

Finds Linksys router and network device pages hosted on the ourlinksys.com dynamic DNS service.

intitle:Linksys site:ourlinksys.com
ourlinksys.com
0
Not verified
Vulnerability
PRO
intermediate

Find opengroupware.org Pages

Finds exposed OpenGroupware.org login pages revealing collaborative groupware installations with username and password fields.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Find web server status Pages

Finds web server status pages that reveal SSH, Telnet, and other service configurations running on the host.

intitle:"web server status" SSH Telnet
0
Not verified
Vulnerability
beginner

Google Dork: inurl:camctrl.cgi...

Finds pages with "camctrl.cgi" in their URL path that may expose administrative interfaces or sensitive endpoints.

inurl:camctrl.cgi
0
Not verified
Vulnerability
PRO
intermediate

Find Group-Office Pages

Discovers Group-Office groupware login pages that may be vulnerable to brute force or default credential attacks.

Upgrade to Pro to view
0
Not verified
Vulnerability
PRO
intermediate

Find SQL Files

Finds exposed SQL database dump files containing hashed or encrypted user passwords from database exports.

Upgrade to Pro to view
sql
0
Not verified
Vulnerability
intermediate

Find CUPS) Pages

Locates exposed cups) pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

inurl:"631/admin" (inurl:"op=*") | (intitle:CUPS)
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"bookmark.htm...

Finds publicly accessible browser bookmark files (bookmark.htm) that may reveal internal URLs, admin panels, and saved credentials.

inurl:"bookmark.htm
0
Not verified
Vulnerability
beginner

Find "Browser Pages

Identifies exposed "browser that may contain exploitable security weaknesses or misconfigurations.

intitle:"Browser Launch Page
0
Not verified
Vulnerability
beginner

Google Dork: intext:"Mail admins login here...

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

intext:"Mail admins login here to administrate your domain.
0
Not verified
Vulnerability
beginner

Find switch login Pages

Finds exposed IBM Fast Ethernet Desktop Switch login interfaces accessible from the public internet.

intitle:"switch login" "IBM Fast Ethernet Desktop
0
Not verified
Vulnerability
beginner

Google Dork: Traffic Analysis for" "RMON...

Discovers exposed RMON (Remote Monitoring) traffic analysis pages revealing network traffic patterns and statistics.

Traffic Analysis for" "RMON Port * on unit *
0
Not verified
Vulnerability
beginner

Find welcome to netware * Pages

Locates exposed Novell NetWare server management pages that reveal legacy network infrastructure still in operation.

intitle:"welcome to netware *" -site:novell.com
novell.com
0
Not verified
Vulnerability
PRO
advanced

Google Dork: intext:"Please enter correct password...

Finds login pages with password prompt error messages that confirm the existence of password-protected resources.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Find "EpsonNet Pages

Finds exposed Epson network device management interfaces (EpsonNet WebAssist) that reveal printer and device configuration details.

intitle:"EpsonNet WebAssist Rev
0
Not verified
Vulnerability
intermediate

Google Dork: (inurl:81-cobalt | inurl:cgi-bin/.cobalt)...

Discovers exposed Cobalt RaQ server management interfaces from legacy Sun Microsystems/Cobalt Networks hardware still connected to the internet.

(inurl:81-cobalt | inurl:cgi-bin/.cobalt)
0
Not verified
Vulnerability
beginner

Find "V-Gear Pages

Locates exposed V-Gear BEE IP camera interfaces that allow remote viewing and configuration without proper authentication.

intitle:"V-Gear BEE
0
Not verified
Vulnerability
beginner

Find "Live Pages

Identifies Live NetSnap Cam-Server feeds that are publicly accessible and streaming without authentication.

intitle:"Live NetSnap Cam-Server feed
0
Not verified
Vulnerability
beginner

Find "SpeedStream Pages

Finds exposed SpeedStream DSL modem and router management interfaces accessible from the internet.

intitle:"SpeedStream * Management Interface
0
Not verified
Vulnerability
intermediate

Google Dork: allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/...

Finds Claroline LMS installations excluding demo sites that may expose course data and student information through unpatched versions.

allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/
0
Not verified
Vulnerability
beginner

Google Dork: Copyright (c) Tektronix, Inc."...

Finds exposed Copyright (c) Tektronix, Inc. interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Copyright (c) Tektronix, Inc." "printer status
0
Not verified
Vulnerability
beginner

Find "Multimon Pages

Finds exposed Multimon UPS monitoring status pages that reveal uninterruptible power supply health data and battery levels.

intitle:"Multimon UPS status page
0
Not verified
Vulnerability
beginner

Google Dork: Warning: mysql_query()" "invalid query...

Identifies MySQL database error pages that are publicly accessible and potentially exposable to data extraction or manipulation.

Warning: mysql_query()" "invalid query
mysql
0
Not verified
Vulnerability
beginner

Google Dork: inurl:/SiteChassisManager/...

Finds exposed SiteChassisManager web application interfaces used for website and server chassis management.

inurl:/SiteChassisManager/
0
Not verified
Vulnerability
beginner

Find phpPgAdmin - Login Pages

Finds exposed phpPgAdmin login pages that provide web-based management access to PostgreSQL databases.

intitle:"phpPgAdmin - Login" Language
php
0
Not verified
Vulnerability
beginner

Find Welcome to Your New Home Page! Pages

Finds welcome to your new home page! pages revealing default installations that have not been properly configured or secured after deployment.

intitle:"Welcome to Your New Home Page!" "by the Debian release
0
Not verified
Vulnerability
intermediate

Google Dork: Phorum Admin" "Database Connection"...

Locates exposed Phorum forum admin panels that may allow unauthorized access to administrative interfaces or sensitive system configurations.

Phorum Admin" "Database Connection" inurl:forum inurl:admin
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"/cgi-bin/loadpage.cgi?user_id=...

Finds CGI-based loadpage scripts with user_id parameters that may be vulnerable to parameter manipulation or injection.

inurl:"/cgi-bin/loadpage.cgi?user_id=
0
Not verified
Vulnerability
beginner

Find EvoCam Pages

Discovers publicly accessible internet-connected webcams and cameras that are streaming without proper authentication or access controls.

intitle:"EvoCam" inurl:"webcam.html
0
Not verified
Vulnerability
beginner

Google Dork: Starting SiteZAP 6.0...

Finds exposed Starting SiteZAP 6.0 interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Starting SiteZAP 6.0
0
Not verified
Vulnerability
intermediate

Find postfix admin Pages

Finds exposed Postfix Admin web interfaces used to manage email server domains, mailboxes, and aliases.

inurl:postfixadmin intitle:"postfix admin" ext:php
php
0
Not verified
Vulnerability
beginner

Google Dork: inurl:hp/device/this.LCDispatcher...

Discovers HP network devices with exposed LCDispatcher interfaces used for device management and configuration.

inurl:hp/device/this.LCDispatcher
0
Not verified
Vulnerability
beginner

Find "toshiba Pages

Finds exposed Toshiba network camera login pages that may allow unauthorized access to camera feeds.

intitle:"toshiba network camera - User Login
0
Not verified
Vulnerability
beginner

Find "Virtual Pages

Identifies exposed "virtual that may contain exploitable security weaknesses or misconfigurations.

intitle:"Virtual Server Administration System
0
Not verified
Vulnerability
beginner

Find i-Catcher Console Pages

Finds exposed i-Catcher Console interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

please visit" intitle:"i-Catcher Console" Copyright "iCode Systems
0
Not verified
Vulnerability
beginner

Find my webcamXP server! Pages

Discovers webcamXP server instances broadcasting live feeds on port 8080 without access restrictions.

intitle:"my webcamXP server!" inurl:":8080
0
Not verified
Vulnerability
beginner

Find webeye Pages

Locates exposed login portals and authentication pages that may allow unauthorized access to administrative interfaces or sensitive system configurations.

intitle:webeye inurl:login.ml
0
Not verified
Vulnerability
intermediate

Find WordPress > * > Login form Pages

Finds WordPress login pages indexed by Google that expose the wp-login.php authentication endpoint.

intitle:"WordPress > * > Login form" inurl:"wp-login.php
wordpressphp
0
Not verified
Vulnerability
beginner

Find "remote Pages

Finds exposed remote interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"remote ui:top page
0
Not verified
Vulnerability
intermediate

Google Dork: inurl:/cgi-bin/finger? Enter (account|host|user|username)...

Locates exposed CGI-based finger service interfaces that allow querying user account information on Unix/Linux systems remotely.

inurl:/cgi-bin/finger? Enter (account|host|user|username)
0
Not verified
Vulnerability
beginner

Google Dork: The script whose uid...

Finds exposed The script whose uid interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

The script whose uid is " "is not allowed to access
0
Not verified
Vulnerability
beginner

Google Dork: File Upload Manager v1.3"...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

File Upload Manager v1.3" "rename to
0
Not verified
Vulnerability
advanced

Google Dork: inurl:portscan.php "from Port"|"Port Range...

Locates exposed HP device management interfaces with default configurations that may allow unauthorized device control.

inurl:portscan.php "from Port"|"Port Range
php
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"putty.reg...

Finds exposed PuTTY registry export files containing saved SSH session configurations and connection credentials.

inurl:"putty.reg
0
Not verified
Vulnerability
beginner

Find Object not found Pages

Identifies Apache web server pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intitle:"Object not found" netware "apache 1..
apache
0
Not verified
Vulnerability
PRO
intermediate

Google Dork: Novell, Inc" WEBACCESS Username...

Finds exposed Novell GroupWise WebAccess login portals that reveal software version numbers and authentication interfaces.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Google Dork: ftp://" "www.eastgame.net...

Finds exposed ftp://" "www.eastgame.net interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

ftp://" "www.eastgame.net
0
Not verified
Vulnerability
beginner

Find ITS System Information Pages

Finds exposed SAP system information and login pages that reveal enterprise resource planning infrastructure details.

intitle:"ITS System Information" "Please log on to the SAP System
0
Not verified
Vulnerability
advanced

Find PWD Files

Discovers exposed PWD files that may contain sensitive or proprietary information.

ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-
pwd
0
Not verified
Vulnerability
beginner

Find CFG Files

Finds exposed CFG configuration files containing login server addresses and credentials for game servers or applications.

filetype:cfg login "LoginServer=
cfg
0
Not verified
Vulnerability
beginner

Find Novell Pages

Identifies novell pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intitle:Novell intitle:WebAccess "Copyright *-* Novell, Inc
0
Not verified
Vulnerability
beginner

Find phpMyAdmin Pages

Finds exposed phpMyAdmin interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*
php
0
Not verified
Vulnerability
PRO
beginner

Find please login Pages

Finds login pages displaying partial password hints that reduce the security of authentication systems.

Upgrade to Pro to view
0
Not verified
Vulnerability
intermediate

Find System Statistics Pages

Identifies system statistics pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

intitle:"System Statistics" +"System and Network Information Center
0
Not verified
Vulnerability
beginner

Find Big Sister Pages

Finds exposed Big Sister network monitoring dashboards showing server health status and alert conditions.

intitle:"Big Sister" +"OK Attention Trouble
0
Not verified
Vulnerability
PRO
beginner

Find ZyXEL Prestige Router Pages

Locates password and credential files exposing network device management interfaces that should be restricted to internal access only.

Upgrade to Pro to view
0
Not verified
Vulnerability
beginner

Google Dork: sets mode: +s...

Finds IRC chat logs where channel operators set secret mode, revealing server addresses and channel configurations.

sets mode: +s
0
Not verified
Vulnerability
beginner

Google Dork: inurl:"/cricket/grapher.cgi...

Finds exposed Cricket network monitoring grapher CGI interfaces that reveal bandwidth and traffic statistics.

inurl:"/cricket/grapher.cgi
0
Not verified
Vulnerability
beginner

Find the page cannot be found Pages

Finds IIS web server error pages referencing inetmgr (Internet Information Services Manager), revealing Microsoft web server infrastructure.

intitle:"the page cannot be found" inetmgr
0
Not verified
Vulnerability
intermediate

Find "Metaframe Pages

Discovers exposed Citrix MetaFrame and XenApp login portals that provide remote application access to enterprise environments.

inurl:metaframexp/default/login.asp | intitle:"Metaframe XP Login
0
Not verified
Vulnerability
beginner

Find index.of Pages

Finds exposed index.of interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:index.of people.lst
0
Not verified
Vulnerability
beginner

Google Dork: allinurl:/examples/jsp/snp/snoop.jsp...

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

allinurl:/examples/jsp/snp/snoop.jsp
0
Not verified
Vulnerability
intermediate

Find Samba Web Administration Tool Pages

Finds exposed Samba Web Administration Tool interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"Samba Web Administration Tool" intext:"Help Workgroup
0
Not verified
Vulnerability
intermediate

Find Ganglia Pages

Finds exposed Ganglia cluster monitoring dashboards displaying server performance metrics and cluster topology.

intitle:"Ganglia" "Cluster Report for
0
Not verified
Vulnerability
beginner

Google Dork: inurl:passlist.txt...

Searches for specific URL patterns and page content that may expose misconfigured services or sensitive resources.

inurl:passlist.txt
0
Not verified
Vulnerability
beginner

Find index of Pages

Finds exposed directory listings containing MySQL configuration files that reveal database credentials.

intitle:"index of" mysql.conf OR mysql_config
mysql
0
Not verified
Vulnerability
beginner

Find "Dell Pages

Discovers exposed Dell server management interfaces including iDRAC and remote access controllers used for hardware management.

intitle:"Dell Remote Access Controller
0
Not verified
Vulnerability
beginner

Find NSF Files

Discovers exposed NSF files that may contain sensitive or proprietary information.

inurl:"webadmin" filetype:nsf
nsf
0
Not verified
Vulnerability
intermediate

Find the page cannot be found Pages

Finds exposed the page cannot be found interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

intitle:"the page cannot be found" "2004 microsoft corporation
0
Not verified
Vulnerability
beginner

Find "MikroTik Pages

Locates MikroTik router management pages exposing network device management interfaces that should be restricted to internal access only.

intitle:"MikroTik RouterOS Managing Webpage
0
Not verified
Vulnerability
beginner

Google Dork: Fatal error: Call to...

Finds exposed Fatal error: Call to interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Fatal error: Call to undefined function" -reply -the -next
0
Not verified
Vulnerability
beginner

Google Dork: ORA-00921: unexpected end of...

Finds exposed ORA-00921: unexpected end of interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

ORA-00921: unexpected end of SQL command
0
Not verified
Vulnerability
beginner

Search gov* Domain

Finds vulnerability disclosure policy PDFs on government websites outlining how to report security issues.

site:*.gov* "vulnerability disclosure program" OR "bug bounty
.gov*
0
Not verified
Vulnerability
intermediate

Search edu Domain

Identifies security disclosure and vulnerability pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

site:*.edu intext:"vulnerability disclosure policy" intext:hall_of_fame
.eduhall_of_fame
0
Not verified
Vulnerability
beginner

Search gov* Domain

Finds vulnerability disclosure policy PDFs on government websites outlining how to report security issues.

site:*.gov* filetype:pdf "vulnerability disclosure policy
.gov*pdf
0
Not verified
Vulnerability
intermediate

Search edu Domain

Finds exposed Search edu Domain interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

site:*.edu inurl:/security intext:"report a vulnerability
.edu
0
Not verified
Vulnerability
intermediate

Google Dork: vulnerability disclosure program" AND...

Finds organizations with formal vulnerability disclosure programs that explicitly offer bounties, rewards, or swag.

vulnerability disclosure program" AND (bounty OR reward OR swag OR "hall of fame")
0
Not verified
Vulnerability
intermediate

Search jp Domain

Identifies jp domain resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

site:*.jp intext:"vulnerability report" intext:swag
.jpswag
0
Not verified
Vulnerability
intermediate

Google Dork: If you discover a...

Finds organizations offering swag, hall of fame recognition, or monetary rewards for discovering and reporting security vulnerabilities.

If you discover a vulnerability" AND (swag OR "hall of fame" OR monetary)
0
Not verified
Vulnerability
advanced

Search hackerone.com Domain

Finds companies with active HackerOne bug bounty programs by searching for HackerOne report and disclosure pages.

submit vulnerability report" -site:hackerone.com -site:bugcrowd.com -site:synack.com -site:openbugbounty.org
hackerone.combugcrowd.comsynack.com
0
Not verified
Vulnerability
intermediate

Find TXT Files

Finds security.txt and similar text files containing security contact emails and vulnerability disclosure program details.

security@*" AND ("bug bounty" OR "vulnerability disclosure") ext:txt
txt
0
Not verified
Vulnerability
advanced

Google Dork: responsible disclosure" AND (monetary...

Identifies security disclosure and vulnerability pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

responsible disclosure" AND (monetary OR cash OR "gift card" OR crypto OR BTC)
0
Not verified
Vulnerability
advanced

Find Bug Bounty Pages

Finds organizations with formal vulnerability disclosure programs that explicitly offer bounties, rewards, or swag.

intitle:"Bug Bounty" OR intitle:"Vulnerability Disclosure" OR intitle:"Security Rewards
0
Not verified
Vulnerability
beginner

Google Dork: If you believe you've...

Finds organizations publishing vulnerability disclosure policies and security contact information for responsible reporting.

If you believe you've found a security vulnerability
0
Not verified
Vulnerability
intermediate

Search edu Domain

Discovers security vulnerability reporting pages on educational institution (.edu) domains.

site:*.edu intext:security report vulnerability
.edusecurity
0
Not verified
Vulnerability
beginner

Google Dork: inurl:responsible-disclosure-policy...

Finds pages at standardized responsible-disclosure-policy URLs where organizations publish their vulnerability handling procedures.

inurl:responsible-disclosure-policy
0
Not verified
Vulnerability
beginner

Google Dork: responsible disclosure inurl:in...

Identifies security disclosure and vulnerability pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

responsible disclosure inurl:in
0
Not verified
Vulnerability
beginner

Google Dork: If you find a...

Finds organizations with formal vulnerability disclosure programs that explicitly offer bounties, rewards, or swag.

If you find a security issue" "reward
0
Not verified
Vulnerability
beginner

Google Dork: powered by synack...

Finds exposed powered by synack interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

powered by synack
0
Not verified
Vulnerability
beginner

Google Dork: vulnerability reporting policy...

Finds exposed vulnerability reporting policy interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

vulnerability reporting policy
0
Not verified
Vulnerability
beginner

Google Dork: inurl:reporting-security-issues...

Finds pages with 'reporting-security-issues' URL paths that contain vulnerability submission guidelines.

inurl:reporting-security-issues
0
Not verified
Vulnerability
beginner

Google Dork: inurl:/responsible-disclosure/ university...

Searches university websites for responsible disclosure program pages where academic institutions accept vulnerability reports.

inurl:/responsible-disclosure/ university
0
Not verified
Vulnerability
beginner

Google Dork: inurl:security.txt...

Discovers security.txt files that organizations publish to communicate vulnerability disclosure policies and security contacts.

inurl:security.txt
0
Not verified
Vulnerability
beginner

Google Dork: inurl:security "reward...

Finds organizations with formal vulnerability disclosure programs that explicitly offer bounties, rewards, or swag.

inurl:security "reward
0
Not verified
Vulnerability
beginner

Google Dork: security vulnerability" "report...

Finds pages discussing security vulnerabilities and report submission processes across organizations.

security vulnerability" "report
0
Not verified
Vulnerability
beginner

Google Dork: inurl:'vulnerability-disclosure-policy' reward...

Discovers bug bounty programs and vulnerability disclosure pages by searching for security reward and responsible reporting keywords.

inurl:'vulnerability-disclosure-policy' reward
0
Not verified
Vulnerability
beginner

Google Dork: responsible disclosure" university...

Discovers bug bounty programs and vulnerability disclosure pages by searching for security reward and responsible reporting keywords.

responsible disclosure" university
0
Not verified
Vulnerability
beginner

Google Dork: inurl:'/responsible disclosure' hoodie...

Finds responsible disclosure pages that offer merchandise rewards like hoodies for reported security vulnerabilities.

inurl:'/responsible disclosure' hoodie
0
Not verified
Vulnerability
beginner

Google Dork: submit vulnerability report...

Discovers vulnerability report submission forms where organizations accept security findings from external researchers.

submit vulnerability report
0
Not verified
Vulnerability
beginner

Google Dork: inurl:responsible disclosure $50...

Finds pages with "responsible" in their URL path that may expose administrative interfaces or sensitive endpoints.

inurl:responsible disclosure $50
0
Not verified
Vulnerability
beginner

Google Dork: inurl"security report...

Finds security report pages and documents published by organizations detailing vulnerabilities and security findings.

inurl"security report
0
Not verified
Vulnerability
beginner

Search nl Domain

Finds vulnerability disclosure programs on Dutch (.nl) domains that accept security reports.

intext:Vulnerability Disclosure site:nl
nlvulnerability
0
Not verified
Vulnerability
beginner

Search eu Domain

Searches European Union (.eu) domains for vulnerability disclosure programs and policies.

intext:Vulnerability Disclosure site:eu
euvulnerability
0
Not verified
Vulnerability
intermediate

Google Dork: submit vulnerability report" |...

Finds vulnerability submission pages and sites powered by Bugcrowd or HackerOne bug bounty platforms.

submit vulnerability report" | "powered by bugcrowd" | "powered by hackerone
0
Not verified
Vulnerability
PRO
intermediate

Exposed Memcached Servers

Locates exposed Memcached server interfaces that may allow cache data extraction or be exploited for DDoS amplification attacks.

Upgrade to Pro to view
memcachedcachememory
0
Not verified
Vulnerability
PRO
intermediate

Exposed VNC Servers

Identifies VNC remote desktop servers that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

Upgrade to Pro to view
vncremote-desktoprdp
0
Not verified
Vulnerability
PRO
intermediate

Find Exposed Network Devices

Finds exposed Exposed Network Devices interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Upgrade to Pro to view
networkroutersdevices
0
Not verified
Vulnerability
PRO
intermediate

Exposed SQL Server Reporting Services

Finds exposed Exposed SQL Server Reporting Services interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Upgrade to Pro to view
sql-serverreportingssrs
0
Not verified
Vulnerability
beginner

Exposed phpinfo() Pages

Finds exposed phpinfo() pages revealing detailed PHP configuration, server paths, and environment variables.

intitle:"phpinfo()" "PHP Version"
phpconfigurationinfo
0
Not verified
Vulnerability
intermediate

Find Exposed API Endpoints

Finds exposed Exposed API Endpoints interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

inurl:/api/ intext:("username" OR "password" OR "key" OR "token")
apiendpointssecurity
0
Not verified
Vulnerability
PRO
intermediate

Exposed Splunk Instances

Discovers exposed Splunk web interfaces that could allow unauthorized access to log data, security events, and system monitoring dashboards.

Upgrade to Pro to view
splunklogssiem
0
Not verified
Vulnerability
PRO
intermediate

Find Exposed Metabase Instances

Identifies exposed metabase instances pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

Upgrade to Pro to view
metabasebusiness-intelligenceanalytics
0
Not verified
Vulnerability
beginner

Exposed Swagger/OpenAPI Specs

Discovers exposed Swagger UI API documentation pages that reveal complete API endpoint specifications and parameters.

intitle:"Swagger UI" inurl:"api-docs"
swaggerapiopenapi
0
Not verified
Vulnerability
PRO
intermediate

Exposed Airflow Instances

Locates exposed airflow instances that may allow unauthorized access to administrative interfaces or sensitive system configurations.

Upgrade to Pro to view
airflowworkfloworchestration
0
Not verified
Vulnerability
PRO
intermediate

Find Exposed Redis Servers

Finds exposed Redis database servers on port 6379 showing connected client information that may allow unauthorized data access.

Upgrade to Pro to view
rediscachedatabase
0
Not verified
Vulnerability
intermediate

Exposed Kibana Instances

Finds exposed Kibana dashboard instances that provide web-based analytics and visualization access to Elasticsearch data stores.

intitle:"Kibana" inurl:"/app/kibana"
kibanaelasticsearchlogs
0
Not verified
Vulnerability
PRO
intermediate

Exposed RabbitMQ Management Interfaces

Finds exposed RabbitMQ management web interfaces that provide full control over message queues and broker configuration.

Upgrade to Pro to view
rabbitmqmessage-queuemanagement
0
Not verified
Vulnerability
PRO
intermediate

Find Exposed MongoDB Databases

Identifies MongoDB database instances that are publicly accessible and potentially exposable to data extraction or manipulation.

Upgrade to Pro to view
mongodbdatabasenosql
0
Not verified
Vulnerability
PRO
advanced

Exposed Docker Registry APIs

Discovers exposed "Docker Registry API" interfaces that may reveal security misconfigurations or allow unauthorized administrative access.

Upgrade to Pro to view
dockercontainersregistry
0
Not verified
Vulnerability
beginner

Exposed Apache Server Status Pages

Finds exposed Apache Server Status pages revealing server version, uptime, request details, and active connections.

intitle:"Apache Status" "Server Version"
apacheserverstatus
0
Not verified
Vulnerability
PRO
advanced

Find Exposed Kubernetes Dashboards

Locates exposed Kubernetes dashboards that may allow unauthorized access to administrative interfaces or sensitive system configurations.

Upgrade to Pro to view
kubernetesk8sdashboard
0
Not verified
Vulnerability
PRO
intermediate

Exposed Jenkins CI/CD Pipelines

Identifies Jenkins CI/CD servers that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

Upgrade to Pro to view
jenkinscicddevops
0
Not verified
Vulnerability
PRO
intermediate

Find Exposed Elasticsearch Clusters

Finds exposed Elasticsearch cluster interfaces on port 9200 that may allow unauthorized data access and manipulation.

Upgrade to Pro to view
elasticsearchdatabasenosql
0
Not verified
Vulnerability
beginner

Exposed Firebase Databases

Finds publicly accessible Firebase Realtime Database JSON endpoints that may expose user data and application records.

site:firebaseio.com ".json"
firebasedatabasegoogle
0
Not verified
Vulnerability
beginner

WordPress XML-RPC Enabled Sites

Locates exposed HP device management interfaces with default configurations that may allow unauthorized device control.

inurl:/xmlrpc.php site:*.com
wordpressxmlrpcbruteforce
0
Not verified
Vulnerability
PRO
advanced

Database Connection Strings Exposed

Discovers exposed log files indexed by Google that may contain error messages, user data, and internal system information.

Upgrade to Pro to view
databasecredentialsconnection-string
0
Not verified
Vulnerability
PRO
advanced

Exposed Environment Files with API Keys

Finds files containing exposed API keys that could allow unauthorized access to third-party services and cloud platforms.

Upgrade to Pro to view
credentialsapi-keyssecrets
0
Not verified
Vulnerability
PRO
advanced

JWT Tokens and Session Secrets Exposed

Finds exposed JWT Tokens and Session Secrets Exposed interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Upgrade to Pro to view
jwtauthenticationsession
0
Not verified
Vulnerability
PRO
advanced

AWS S3 Bucket Configuration Leaks

Searches for exposed AWS access key IDs and secret access keys in configuration files that could grant cloud infrastructure access.

Upgrade to Pro to view
awscloudaccess-keys
0
Not verified
Vulnerability
beginner

phpMyAdmin Panels

Locates exposed targeted web resources that may allow unauthorized access to administrative interfaces or sensitive system configurations.

intitle:"phpMyAdmin" intext:"Welcome to phpMyAdmin"
phpmyadmindatabasemysql
0
Not verified
Vulnerability
beginner

Exposed API Documentation

Finds exposed Swagger UI API documentation pages that reveal endpoint structures, parameters, and sometimes allow live API testing.

intitle:"Swagger UI" | inurl:swagger | inurl:api-docs
apiswaggerdocumentation
0
Not verified
Vulnerability
beginner

WordPress User Enumeration

Identifies targeted web resources that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

inurl:?author=1 site:*.com
wordpressusersenumeration
0
Not verified
Vulnerability
beginner

Admin Login Panels

Finds exposed Admin Login Panels interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

inurl:admin intitle:login | intitle:"admin panel"
adminlogincms
0
Not verified

Looking for more? Browse our complete library of Google dorks.

Browse All DorksTry Bulk Dork Generator

Related Categories

Login Page Dorks

Discover admin panels, login portals, and authentication pages with Google dorks

Database Dorks

Discover exposed databases, phpMyAdmin, MongoDB, and database dumps with Google dorks

Bug Bounty Dorks

Level up your bug bounty hunting with curated Google dorks

Explore More Google Dorks

AWS S3 Bucket DorksExposed Credentials DorksBug Bounty DorksDirectory Listing DorksLogin Page DorksSensitive Files DorksDatabase DorksGoogle Dork CheatsheetFree Tools