Google Hacking Database (GHDB)

Search the Google Hacking Database or browse GHDB categories

Files containing juicy info

No usernames or passwords, but interesting stuff none the less.

DATE Title Summary
2011-12-16 Google Dork inurl:Curriculum Vitale filetype:doc (... This dork locates Curriculum Vitale files. Author: Luciano UNLP ...
2011-12-16 Google Dork For Social Security Number ( In Spain ... This dork locates social security numbers. Author: Luciano UNLP ...
2011-11-24 filetype:old (mysql_connect) () There are three of mysql_connects but that all search in .inc or warnings, non search for .old...
2011-11-24 filetype:old (define)(DB_USER|DB_PASS|DB_NAME) this dork locates backed up config files filetype:php~ (define)(DB_USER|DB_PASS|DB_NAME) file...
2011-11-19 filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS this dork locates registry dumps ...
2011-11-19 intitle:index.of? configuration.php.zip this dork finds mostly backed up configuration.php files. Its possible to change the *.zip to ...
2011-11-19 inurl:"/includes/config.php" The Dork Allows you to get data base information from config files. Author: XeNon ...
2011-11-19 inurl:"trace.axd" ext:axd "Applicat... example google dork to find trace.axd, a file used for debugging asp that reveals full http re...
2011-09-26 +intext:"AWSTATS DATA FILE" filetype:txt Shows data downloads containing statistics on the site.Made by AwstatsThe best dork for that sy...
2011-08-25 filetype:ini "Bootstrap.php" (pass|passw... Zend application ini, with usernames, passwords and db info love Bastich ...
2011-07-26 filetype:pem "Microsoft" Microsoft private keys, frequently used for servers with UserID on the same page. -- Sha...
2011-07-26 inurl:server-info intitle:"Server Information... Juicy information about the apache server installation in the website. -- *Regards, Fady ...
2011-07-18 inurl:/push/ .pem apns -"push notifications&q... iphone apple push notification system private keys, frequently unencrypted, frequently with De...
2011-07-18 site:stashbox.org cv Or resume OR curriculum vitae... Searches StashBox for publicly avaliable PDF's or .doc files containing information used in a...
2011-07-18 site:mediafire.com cv Or resume OR curriculum vita... Searches Mediafire for publicly avaliable PDF's containing information used in a CV/Resume/Cur...
2011-07-18 site:docs.google.com intitle:(cv Or resume OR curr... Searches GoogleDocs for publicly avaliable PDF's containing information used in a CV/Resume/Cu...
2011-07-01 site:dl.dropbox.com filetype:pdf cv OR curriculum ... Searches Dropbox for publicly avaliable PDF's containing information used in a CV/Resume/Curri...
2011-05-26 inurl:sarg inurl:siteuser.html Submitter: pipefish Squid User Access Reports that show users' browsing history t...
2011-05-03 filetype:xls + password + inurl:.com The filetype:xls never changes What is inbtween then + sings can be what ever you are looking ...
2011-05-03 allinurl:http://www.google.co.in/latitude/apps/bad... Site: google.com/latitude - This is a free application where you can track your PC, laptop and...
2011-02-24 intext:db_pass inurl:settings.ini Submitter: Bastich mysql.nimbit.com dashboard settings...
2011-02-19 inurl:app/etc/local.xml Magento local.xml sensitive information disclosure Author: Rambaud Pierre...
2010-12-13 allinurl:/xampp/security.php XAMPP Security Setting Page Information Disclosure. Author: modpr0be ...
2010-12-10 inurl:phpinfo.php Locates phpinfo files. A phpinfo file Outputs a large amount of information about the current s...
2010-12-07 inurl:"config.php.new" +vbulletin locates the default configuration file for vBulletin (/includes/config.php.new) Author: MaXe...
2010-12-07 inurl:configuration.php-dist locates the default configuration file of JOOMLA Author: ScOrPiOn ...
2010-11-25 filetype: log inurl:"access.log" +intext... Match some apache access.log files. Author: susmab...
2010-11-10 "Cisco PIX Security Appliance Software Versio... Google search for Pix Authorization Keys Author: fdisk...
2010-11-10 filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS This search locates private SSHHostkeys. Author: loganWHD...
2006-10-02 intitle:"AppServ Open Project *" "A... Often includes phpinfo and unsecured links to phpmyadmin....
2006-03-21 intitle:"LOGREP - Log file reporting system&q... Logrep is an open source log file Extraction and Reporting System by ITeF!x. This dork finds t...
2006-03-18 (intitle:"PRTG Traffic Grapher" inurl:&q... PRTG Traffic Grapher is Windows software for monitoring and classifying bandwidth usage. It pro...
2006-03-18 intitle:"Joomla - Web Installer" Joomla! is a Content Management System (CMS) created by the same team that brought the Mambo CM...
2006-02-22 "not for public release" -.edu -.gov -.m... if you search through lots of these then you find some really juicy things, there files from po...
2006-01-16 intext:ViewCVS inurl:Settings.php CVs is a software used to keep track of changes to websites. You can review all updates and pre...
2006-01-16 inurl:build.err General build error file. Can tell what modules are installed, the OS the compiler the language...
2005-12-22 inurl:/cgi-bin/pass.txt Passwords...
2005-12-19 (intitle:WebStatistica inurl:main.php) | (intitle:... WebStatistica provides detailed statistics about a web page. Normally you would have to login ...
2005-11-24 inurl:wp-mail.php + "There doesn't seem to b... This is the WordPress script handling Post-By-Email functionality, the search is focussed on th...
2005-11-16 intitle:"Welcome to F-Secure Policy Manager S... An attacker may want to know about the antivirus software running. The description says he can...