Merge pull request #53 from opsdisk/add-colorama

Added colorama, cleaned up args checks, truncated pause_time to hundr…

Author: opsdisk

dorks/advisories_and_vulnerabilities.dorks

@@ -2193,3 +2193,24 @@ Server: Mida eFramework
 intitle:"Powered by Pro Chat Rooms"
 inurl:"woocommerce-exporter"
 inurl:opac_css
+intitle:"Please Login" "Use FTM Push"
+"Powered by vBulletin(R) Version 5.6.3"
+inurl:/wp-content/themes/altair/
+inurl:/pro_users/login
+inurl:/cgi-bin/manlist?section
+intext:"Incom CMS 2.0"
+"machform" inurl:"view.php"
+inurl:"/console/login/LoginForm.jsp"
+inurl:uno.php
+inurl:"/wp-content/plugins/super-forms/"
+"Powered By Best Support System"
+inurl:/calendar/calendar_form.php
+inurl:/ics?tool=search
+inurl:"telerik.web.ui.webresource.axd?type=rau"
+inurl:"/lib/editor/atto/plugins/managefiles/" | inurl:"calendar/view.php?view=month"
+"citsmart.local"
+inurl:"wp-content/plugins/wp-super-edit/superedit/" | inurl:"wp-content/plugins/wp-super-edit/superedit/tinymce_plugins/mse/fckeditor/editor/filemanager/upload/"
+inurl:wp-content/plugins/1-flash-gallery
+inurl:"/wp-content/plugins/123ContactForm
+inurl:wp-content/plugins/Ultimate-member
+inurl:/wp-content/plugins/wpdiscuz/

dorks/all_google_dorks_20201123_164552.txt renamed to dorks/all_google_dorks_20210814_145340.txt

@@ -899,3 +899,42 @@ site:gov ext:sql | ext:dbf | ext:mdb
 intitle:"index of" "Clientaccesspolicy.xml"
 "secret_key_base:" ext:exs | ext:txt | ext:env | ext:cfg
 ext:sql | ext:txt intext:"-- phpMyAdmin SQL Dump --" + intext:"admin"
+"putty.log" ext:log | ext:cfg | ext:txt | ext:sql | ext:env
+ext:php intitle:phpinfo "published by the PHP Group"
+intitle:"index of" intext:"web.xml"
+ext:txt | ext:log | ext:cfg "Building configuration..."
+ext:yml | ext:txt | ext:env "Database Connection Information Database server ="
+"The SQL command completed successfully." ext:txt | ext:log
+inurl:"/php/info.php" "PHP Version"
+site:ftp.*.*.* "ComputerName=" + "[Unattended] UnattendMode"
+allintext:@gmail.com filetype:log
+inurl:https://trello.com AND intext:@gmail.com AND intext:password
+intitle:"index of" intext:"apikey.txt
+filetype:log inurl:paypal
+intitle:final.attendee.list | inurl:final.attendee.list
+ext:xlsx inurl:database
+ext:(doc | pdf | xls | txt |) (intext:confidential salary) inurl:confidential
+intitle:"index of" "application.properties"
+inurl:"dcwp_twitter.php"
+intitle:"index of" "secret.yaml"
+inurl:ftp -inurl:(http|https) intext:"@gmail.com" intext:subject fwd|confidential|important|CARD|cvv
+intext:cv OR intext:curriculum vitae AND intext:"SSN" ext:doc
+"Parent Directory" AND "Index of" AND "config.php_old"
+intext:"Your client connection" + "Network name" + "Hardware address"
+intitle:"index of" "google-services.json"
+intitle:"Index of" ws_ftp.ini
+intitle:"index of" intext:"senha"
+site:.gov.co intitle:Index of
+site:*/phpmyadmin/server_sql.php
+site:*/phpmyadmin/server_privileges.php
+inurl:phpmyadmin/sql.php?server=1
+inurl:ALFA_DATA intitle:"index of"
+inurl:/wp-content/uploads/ "phpMyAdmin SQL Dump"
+inurl:/wp-content/uploads/wpdm-cache
+site:*/phpmyadmin/server_databases.php
+index of storage/oauth-private.key
+intitle:"index of" "db.sqlite3"
+intitle:"index of" "/sql"
+intitle:"index of" "ssh_host_rsa_key" + "ssh_host_rsa_key.pub"
+"Not for Public Release" + "Confidential" ext:pdf | ext:doc | ext:xlsx
+inurl:/inicis/ ext:log

dorks/files_containing_juicy_info.dorks

@@ -353,3 +353,20 @@ jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:javascript -git
 jdbc:postgresql://localhost: + username + password ext:yml | ext:java -git -gitlab
 jdbc:oracle://localhost: + username + password ext:yml | ext:java -git -gitlab
 intitle:"index of" "config.exs" | "dev.exs" | "test.exs" | "prod.secret.exs"
+"define('DB_USER'," + "define('DB_PASSWORD'," ext:txt
+intitle:"index of" "anaconda-ks.cfg" | "anaconda-ks-new.cfg"
+"define('SECURE_AUTH_KEY'" + "define('LOGGED_IN_KEY'" + "define('NONCE_KEY'" ext:txt | ext:cfg | ext:env | ext:ini
+"keystorePass=" ext:xml | ext:txt -git -gitlab
+intext:construct('mysql:host
+"mailer_password:" + "mailer_host:" + "mailer_user:" + "secret:" ext:yml
+intitle:"index of" "idx_config"
+"password 7" ext:txt | ext:log | ext:cfg
+"insert into users" "VALUES" ext:sql | ext:txt | ext:log | ext:env
+"cpanel username" "cpanel password" ext:txt
+intitle:"index of" "application-users.properties" | "mgmt-users.properties" | "*standalone.xml"
+"public $user =" | "public $password = " | "public $secret =" | "public $db =" ext:txt | ext:log -git
+site:*.blob.core.windows.net ext:xls | ext:xlsx (login | password | username)
+"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
+inurl:/wp-content/uploads/ ext:txt "username" AND "password" | "pwd" | "pw"
+allintext:"*[email protected]" OR "password" OR "username" filetype:xlsx
+inurl:/wp-content/uploads/data.txt

dorks/files_containing_passwords.dorks

@@ -39,3 +39,6 @@ intitle:"index of" "password.yml
 jdbc:sqlserver://localhost:1433 + username + password ext:yml | ext:java
 "'dsn: mysql:host=localhost;dbname=" ext:yml | ext:txt "password:"
 intitle:"index of" "credentials.xml" | "credentials.inc" | "credentials.txt"
+intitle:"index of" "db.properties" | "db.properties.BAK"
+intitle:"index of" "contacts.txt"
+intext:"-----BEGIN CERTIFICATE-----" ext:txt

dorks/files_containing_usernames.dorks

@@ -102,3 +102,5 @@ intitle:traefik inurl:8080/dashboard
 intitle:"Nikto Report" "OSVDB"
 intitle:"Skipfish - scan results browser"
 -site:"pentest-tools.com" intext:"Scan coverage information" AND "List of tests" ext:PDF
+intitle:"ZAP Scanning Report" + "Alert Detail"
+intitle:"routeros" "sophia"

dorks/network_or_vulnerability_data.dorks

@@ -1050,3 +1050,122 @@ inurl:"servicedesk/customer/user/login"
 intitle:"Xenmobile Console Logon"
 inurl:login.seam
 inurl:/adfs/oauth2/authorize
+intitle:"irz" "router" intext:login gsm info -site:*.com -site:*.net
+site:portal.*.* intitle:"login"
+intitle:"Insurance Admin Login" | "(c) Copyright 2020 Cityline Websites. All Rights Reserved." | "http://www.citylinewebsites.com"
+site:user.*.* intitle:"login"
+site:password.*.* intitle:"login"
+site:checkin.*.* intitle:"login"
+intitle:"web client: login"
+inurl:Sitefinity/Authenticate/SWT
+inurl:idp/prp.wsf
+inurl:nidp/idff/sso
+inurl:idp/Authn/UserPassword
+inurl:adfs inurl:wctx inurl:wtrealm -microsoft.com
+intitle:"Humatrix 8"
+intitle:"Exchange Log In"
+inurl:oidc/authorize
+inurl:authorization.ping
+intitle:Login intext:HIKVISION inurl:login.asp?
+inurl:weblogin intitle:("USG20-VPN"|"USG20W-VPN"|USG40|USG40W|USG60|USG60W|USG110|USG210|USG310|USG1100|USG1900|USG2200|"ZyWALL110"|"ZyWALL310"|"ZyWALL1100"|ATP100|ATP100W|ATP200|ATP500|ATP700|ATP800|VPN50|VPN100|VPN300|VPN000|"FLEX")
+site:p2.*.* intitle:"login"
+inurl:jasperserver-pro/login.html
+intitle:"phpLDAPadmin" inurl:cmd.php
+intitle:"iLO: localhost" + "Firmware Version"
+intitle:"Cisco Email Security Virtual Appliance" inurl:csrfkey=
+intitle:"D-LINK SYSTEMS, INC. | WIRELESS ROUTER | HOME" inurl:"status.php"
+inurl:index.php?s=/Admin/Public/login.html
+inurl:ext/pwdreset
+intitle:"Radius Manager" intext:"Control Panel"
+inurl:simplesaml/module
+inurl:ushell/shells/abap
+"Username" "Password" "Please login to continue" intitle:"F660"
+intitle:"oracle business intelligence sign in"
+inurl:ui/login intitle:jfrog
+intitle:"ZXHN H108N" intext:"Welcome to ZXHN H108N"
+inurl:ejbexplorer
+intitle:"WEB LCT" intext:"Web local craft terminal"
+Copyright Huawei Technologies co. Ltd "Account" "Password" -site:huawei.com
+"Username" "Password" "Please login to continue" intitle:"F670"
+site:*.com inurl:axis2-admin
+intitle:"Blue Iris Login"
+inurl:/dana-na/auth/url_default/welcome.cgi "VPN"
+site:*.herokuapp.com intitle:login
+intitle:"Sign in to Cisco Finesse"
+inurl:pandora_console intitle:"Pandora FMS"
+intext:"helpdesk software provided by deskpro"
+inurl:"login.rsp" "Language" -.com
+inurl:webdynpro/dispatcher
+intitle:"NUUO Network Video Recorder Login" "Language"
+inurl:template.gch "ZTE Corporation."
+inurl:Main_Login.asp AND intext:"Sign in with your ASUS router account"
+intitle:"Component Browser Login"
+inurl:"/deltaweb/hmi_login.asp" intext:"login"
+inurl:"/login.htm" "Hitron Technologies"
+intitle:"UniFi Video" "login" "NVR"
+intitle:"Login" intext:"Herospeed Technology"
+intitle:"login" "Are you a patient" " eRAD"
+intitle:"Frontier e-HR Login Page"
+inurl:b2b/init.do
+intitle:"Web user login"
+intitle:"DIAM4 Login"
+intitle:"Sauter moduWeb - Login"
+intitle:"Greentree eHR" "Employee Code"
+intitle:"Payvand PACS"
+intext:"Please select your account" intext:"SSL Login"
+intitle:"iLo" "Hewlett Packard Enterprise Development" "Firmware Version" " Local user name:"
+intitle:"NetScaler AAA" inurl:logon/LogonPoint/tmindex.html
+intitle:"Please Login" inurl:"/remote/login?lang=en"
+intitle:"Gophish - Login"
+inurl:sslvpn_logon.shtml
+intitle:"ReACT Self-serve"
+inurl:glpi intitle:"GLPI" site:.br
+intext:"Cisco Webui - Login" -www -cisco.com
+intitle:"TOTOLINK" inurl:"/login.htm"
+intitle:"grafana" inurl:"/grafana/login" "Forgot your password"
+Google Dork: inurl:"/zm/index.php"
+intitle:"Login" intext:"(Moka pot)" inurl:"login.php"
+intitle:"GLPI - Authentication"
+intext:clave inurl:admin.php
+intitle:"Teampass" intext:"Server Time"
+intitle:"Gargoyle Router Management Utility" intext:"Enter Admin Password"
+"Saferoads VMS" "login"
+intitle:"OpenWrt - LuCI" intext:"Powered by LuCI | OpenWrt"
+intitle:"Plesk Obsidian" inurl:login_up.php
+"Name" "Password" intitle:"Business LAN"
+intitle:LANCOM intitle:login "LANCOM Systems GmbH"
+Zenario CMS Login Page
+inurl:/index.php/admin/authentication/ intext:clave
+intext:"Powered by Synnefo"
+inurl:EMSWebClient/Login.aspx
+intitle:"ONU" intext:"Please login to continue..."
+intitle:"Scalance web management" "Switch to insecure HTTP"
+intitle:"Login" inurl:web/frame/login.html?ssl=
+intitle:"Huawei Inner Web"
+intitle:"Viewer for Samsung NVR"
+"Yeastar Information Technology Co., Ltd. All Rights Reserved." -yeastar.com
+intitle:"Ubiquiti" intext:"Please login to manage your wireless device."
+intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version"
+intitle:"GLPI - Аутентификация" intext:"GLPI Copyright"
+intitle:"Schneider Electric Telecontrol - Industrial Web Control" intext:"Xflow "
+intitle:"login - otrs" "Login" "Powered by OTRS"
+inurl:"/sslvpn_logon.shtml" intitle:"User Authentication" "WatchGuard Technologies"
+intitle:"Plesk" inurl:"/login_up.php3" "Parallels IP Holdings GmbH"
+intitle:"ISPConfig" "Powered by ISPConfig" "login"
+inurl:/web-ftp.cgi
+intitle:"XVR LOGIN" inurl:"/login.rsp"
+intitle:"iMana 200 login"
+intitle:"WebMO Login" inurl:/~webmo/cgi-bin/login.cgi
+inurl:/psp/ intext:"ORACLE PEOPLESOFT"
+intitle:"Nutanix Web Console"
+intitle:"Identity Services Engine" inurl:login.jsp
+site:*.zendesk.com/auth/v2/login/registration
+intext:"Switch Administrator" inurl:config/log_off_page
+inurl:"pages/sdcall/Login.jsp"
+intext:Paessler AG - The Network Monitoring Company inurl:/index.htm intitle:"Welcome | PRTG Network Monitor" -"User Manual"
+intext:"Lancom" intitle:"Router - Login" -.com
+"FM Monitoring Receiver" intitle:"login" "welcome!"
+inurl:/UserLogin intitle:"::PayTV SMS::" "Aplomb Technology"
+intext:"SGP" inurl:/accounts/login?next=/admin/
+inurl:"/tips/tipsLogin.action"
+intitle:"Grandstream Device Configuration" (intext:password & intext:"Grandstream Device Configuration" & intext:"Grandstream Networks" | inurl:cgi-bin) -.com|org

dorks/pages_containing_login_portals.dorks

@@ -411,3 +411,23 @@ intitle:index of .git/hooks/
 intitle:"index of" "*.cert.pem" | "*.key.pem"
 ssh_host_dsa_key.pub + ssh_host_key + ssh_config = "index of / "
 "index of" inurl:database ext:sql | xls | xml | json | csv
+intitle:"index of" "dump.sql"
+intitle:"index of" inurl:admin/download
+/etc/certs + "index of /" */*
+/etc/config + "index of /" /
+"-- Dumped from database version" + "-- Dumped by pg_dump version" ext:txt | ext:sql | ext:env | ext:log
+intitle:("Index of" AND "wp-content/plugins/boldgrid-backup/=")
+intitle:"index of" "*Maildir/new"
+inurl:/jsps/testoperation.jsp "Test Operation"
+inurl:/certs/server.key
+inurl:print.htm intext:"Domain Name:" + "Open printable report"
+inurl:tcpconfig.html
+"-----BEGIN PGP PRIVATE KEY BLOCK-----" ext:pem | ext:key | ext:txt -git
+"-----BEGIN EC PRIVATE KEY-----" | " -----BEGIN EC PARAMETERS-----" ext:pem | ext:key | ext:txt
+inurl:/wp-content/uploads/wp-file-manager-pro
+inurl:wp-content/uploads/ intitle:logs
+inurl:/wp-content/uploads/wp-file-manager-pro/fm_backup
+intitle:"index of" intext:"client.key.pem"
+intitle:"index of" "/.vscode"
+intext:"CAD Media Log"
+intitle:"index of" "/configs"

dorks/sensitive_directories.dorks

@@ -542,3 +542,119 @@ inurl:/index.html?size=2&mode=4
 inurl: 1051/viewer/live/index.html?lang=en
 inurl:/homej.html?
 inurl:/Jview.htm + "View Video - Java Mode"
+inurl:"view.shtml" "Network"
+inurl:"view.shtml" "camera"
+inurl:"/cgi-bin/guestimage.html" "Menu"
+"change the Administrator Password." intitle:"HP LaserJet" -pdf
+inurl: inurl:"view.shtml" ext:shtml
+intext:"Connection" AND "Network name" AND " Cisco Meraki cloud" AND "Security Appliance details"
+inurl:/Jview.htm + intext:"Zoom :"
+intitle:"Agent web client: Phone Login"
+"System" + "Toner" + "Input Tray" + "Output Tray" inurl:cgi
+intitle:"NetCamXL*"
+intitle:"NetCamSC*"
+AXIS Camera exploit
+inurl:/Jview "zoom"
+site:*/dyn_sensors.htm "ID"
+inurl:dtm.html intitle:1747-L551
+inurl:login.html intitle:"Archer C7"
+intitle:"IP Webcam" inurl:"/greet.html"
+"Account" "Password" "All rights reserved" intitle:"HG8245"
+intitle:"D-LINK SYSTEMS, INC. | Web File Access : Login"
+inurl:login.html intitle:"GPON Home Gateway"
+inurl:"portal.mwsl" "Status"
+intitle:"Intelbras" inurl:cgi-bin/firmware.cgi?formNumber=200
+intitle:("WebRTU z2" | "WebRTU z1") -pdf
+intitle:("OnCell Web Console" | "Series Web Console" | "-HSPA Series Web" | "-HSDPA Series Web") "MOXA OnCell" "Username :" "Password :" -pdf
+intitle:"PowerLogic ION" + "Control" + "Diagnostic" + "Home" + "Maintenance" + "Monitoring"
+intitle:"Total Web Solutions" + "Meter Name"
+"Copyright(C) CONTEC CO.LTD"
+intitle:"Remote UI: Login:" "System Manager ID:"
+intitle:"Nordex Control" + "Wind Farm Total Summary"
+intitle:"Keenetic Web"
+inurl:/main/main.html "Administrator Settings"
+intitle:"Advanced Setup - Security - Admin User Name & Password"
+site:*.*/level/15/exec/-/ "Exec Configure"
+intitle:"ePMP 2000" "notifications" "Menu" -pdf
+intitle:"ContaCam" "Snapshot Image"
+site:*/tcpipv4.htm
+intitle:"HD IP Camera" "Remember me" "User name" -.com -pdf
+inurl:set_config_security.htm
+intitle:"webcamxp 5" intext: "live stream"
+inurl:"userimage.html" "Live" "Open"
+inurl:/view/viewer_index.shtml
+inurl:set_config_networkIP.html
+site:*/tcpipv6.htm
+inurl:/guestimage.html
+inurl:plc/webvisu.htm intitle:"CoDeSys WebVisualization"
+intitle:"openHAB" intext:"Welcome to openHAB" "Basic UI" "Paper UI"
+intext:"Inserire il proprio codice per accedere al sistema" "Inserire codice"
+inurl:m_login.htm "Somfy"
+inurl:"/intouch-base/rest/nlogin" intitle:"InTouch"
+inurl:"/index.html" intitle:"Unitronics PLC"
+intitle:"Vodafone Vox UI" | intitle:"Residential Gateway Login"
+intitle:"Properties - Xerox WorkCentre" "Machine Model:" "Machine Name" -.com
+intitle:"Polycom Login" -.com
+intitle:"Saia PCD Web-Server"
+intitle:"NETSuveillance WEB"
+inurl:pas_set_menu.html
+intitle:"Sys Name" System Summary Sensors
+intitle:"Epson Web Control" "OSD Control Pad"
+site:*/net/net/protocol.html
+intitle:"HD-Network Real Time Monitoring System" inurl:"/login.asp"
+intitle:"Milesight Network Camera" intext:"Language"
+inurl:ip_snmp.htm
+intitle:"Bosch Security Systems" "LIVEPAGE" + "SETTINGS" -.net -.com
+intitle:"DD-WRT (build 21061) - Info"
+inurl:ip_password.htm
+intitle:"DSM mobile" intext:"Loading..."
+intitle:"Web Client" inurl:"webcamera.html"
+inurl:/DeviceInformation/View "Device Name"
+intitle:"NodeCore PoW Mining Pool" "NETWORK" "TYPE" "POOL ADDRESS" "FEE"
+intitle:"Login" inurl:"/simple/view/login.html"
+intitle:"LK IHC controller" intext:"LK IHC"
+intitle:"Openstage IP Phone User" "IPv4" "DNS"
+"USB Port 1 (Public Data)" + "USB Port 2 (Public Data)" "Status" -pdf
+inurl:/PRESENTATION/HTML/TOP/PRTINFO.HTML
+inurl:/PRESENTATION/EPSONCONNECT
+intext:@print.epsonconnect.com intitle:series
+Google Dork: intitle:"ZM - Console"
+Google Dork: intitle:"ZM - System Log"
+inurl:/login/?referer=/admin/ intext:cradlepoint
+allintext:"Copyright CANON INC" "iR-ADV"
+inurl:"/cgi-bin/luci" intext:"Authorization Required" intitle:"LuCI"
+"Name" "Password" intitle:"LANCOM 1790VA"
+intitle:series "Note: It is recommended to communicate via HTTPS for entering an administrator password."
+inurl:/PRESENTATION/PSWD
+inurl:/PRESENTATION/BONJOUR intitle:Series
+intitle:"Yealink" inurl:"servlet?m="
+intitle:HP LASERJET PRO MFP inurl:/SSI/index.htm
+intitle:"Device(" intext:"ActiveX Mode (For IE Browser)"
+intext:"LANCOM 1781VA (over ISDN)"
+intitle:"Web Client for DVR"
+intitle:"Intelbras" site:*/index.html
+inurl:/portal/indicate intitle:Remote UI
+inurl:mobile.html intitle:webcamXP
+intitle:"supra IPC"
+intitle:"Dell OpenManage Switch Administrator" intext:"Type in Username and Password, then click OK"
+intitle:"Alarm Panel" intext:"Climax Tech. Co., Ltd."
+intitle:"webcamxp" "Flash JPEG Stream"
+"Username" "Password" "ZTE Corporation. All rights reserved."
+intitle:"WF Series" inurl:PRTINFO.html
+"NETGEAR, Inc. All rights reserved" intitle:"Netgear Prosafe Plus Switch"
+intitle:"Remote UI" intext:"Printer status"
+intitle:"::: ACEmanager :::"
+intitle:"Camera Status" inurl:/control/
+intitle:"Solar-Log™" intext:"Build Revision"
+intitle:"3CX Phone System Management Console"
+inurl:"/web/guest/en/websys/webArch/mainFrame.cgi"
+intitle:"myhome" intext:"Tilgin. All rights reserved. Copyright and Trademark."
+intitle:LANCOM "A webbrowser with active JavaScript support is required."
+intitle:("Canon" + "series Network Configuration" "Basic Information") + "JavaScript is not enabled"
+inurl:"serverpush.htm" "IP Camera" intext:"Foscam"
+intitle:"CPU-Modul TROVIS 6610"
+intitle:"Cambium" inurl:top.cgi
+inurl:top.cgi intitle:"Motorola ptp"
+intitle:"vood Residential gateway" inurl:vood/cgi-bin/
+intext:"Egardia & WoonVeilig" -site:"linkedin.*" -"data-lead.com" -"getemail.io" -"holaconnect.com" -"kzhead.info"
+intext:"Live View" inurl:ui3.htm

dorks/various_online_devices.dorks

@@ -104,3 +104,5 @@ intext:"Powered By Gila CMS"
 intitle:"Wing FTP Server - Web"
 intitle:"Vulnerability Report" "Critical" ext:pdf
 inurl:RichWidgets/Popup_Upload.aspx
+intext:"user name" intext:"orion core" -solarwinds.com
+inurl /editor/filemanager/connectors/uploadtest.html