Start From Here
Find a Quick Self Hosted Bug Bounty or VDP Program For Yourself
Pages Contain Login Panel
Gathering login Pages Could Be Crucial For Reconnaissance Process
File Contains Juicy Information
Dorks Containing Keywords That Leads To File Containing Juicy Information
- Hashed Passwords, Encrypted Passwords, Password Dump
- SSH Keys
- FTP, SFTP Keys
- Secret Key, Secret Access key, API key
- Certificate, Activation Code, License Key
Password Files
Leak Protocols Credentials
AWS and Azure Config Files
Other Juicy Files
Prone Parameters
Find Prone Parameters For Specific Vulnerability Types
- search= query= keyword=
- intext:"Page Not Found" intext:"project not found"
- intext:"The requested URL could not be found"
- goto= forward= redir=
- uid= auth= sid= category=
- host= protocol= domain=
- view= folder= doc= theme=
- execute= script= output=
- logout= token= cookie=
- import= upload= download=
- layout= template= display=
- failure_url= success_url= error_url=
- info= details= metadata=
- token= id= pid= api_key=
XSS Prone Parameters
SubDomain Takeover
Open Redirect Prone Parameters
SQLi Prone Parameters
SSRF Prone Parameters
LFI Prone Parameters
RCE Prone Parameters
CSRF Prone Parameters
File Inclusion Prone Parameters
Path Traversal Prone Parameters
HTTP Response Splitting Prone Parameters
Information Disclosure Prone Parameters
Insecure Direct Object Reference (IDOR) Prone Parameters
DataBases Error Messages
Find a Quick DataBases Error Messages From Various Databases like MongoDB, Redis, Oracle, PostgreSQL, Microsoft SQL Server
- Dork List 1
- Dork List 2
- Error Messages Dork List 1
- Error Messages Dork List 2
- Error Messages Dork List 1
- Error Messages Dork List 2
- Error Messages Dork List 1
- Error Messages Dork List 2
- Error Messages Dork List 1
- Error Messages Dork List 2
- Error Messages Dork List 1
- Error Messages Dork List 2
- Error Messages Dork List 2
MongoDB Error Messages
Redis Error Messages
Oracle Errors
PostgreSQL Errors
Microsoft SQL Server Errors
SQL Server Errors
Database Error Messages
Sensitive Directories
Such Gold Mines Which May Contain Sensitive Files
- Media, Images, Videos
- .zip, .gz, .debug
- Obsolete, Deprecated, Old
- Wp-admin, Wp-config, Wp-login
- Internal, Restricted, Secret
- Json, Conf, Bak, Env