google hacking是Google搜索引擎准确搜索的技巧
更多搜索技巧在https://www.exploit-db.com/google-hacking-database

site域名

site他的功能是用来搜索域名的网页内容,可以用来搜索子域名,跟子域名相关的内容

他指定那个站

语法

1
site:域名          //他会搜索

咧:
输入到是

1
site:zhihu.com

搜索带关键字的

1
site:zhihu.com  “你好”

filetype文件类型

指定搜索文件类型
比如

1
filetype:txt

也可以带关键字
咧:

1
filetype:txt "admin"


打开网页看一下

inurl在URL关键字

inurl搜索URL地址存在指定的关键字,可以搜索注入点地址

1
inurl:.php?id=


随便打开一个

搜索登录url
咧:

1
inurl:/admin/login.php


随便打开一个

常见的目录
https://github.com/mIcHyAmRaNe/okadminfinder3/blob/master/LinkFile/adminpanellinks.txt

注入点

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
inurl:item_id=	
inurl:review.php?id=	
inurl:hosting_info.php?id=
inurl:newsid=	
inurl:iniziativa.php?in=	
inurl:gallery.php?id=
inurl:trainers.php?id=	
inurl:curriculum.php?id=	
inurl:rub.php?idr=
inurl:news-full.php?id=	
inurl:labels.php?id=	
inurl:view_faq.php?id=
inurl:news_display.php?getid=	
inurl:story.php?id=	
inurl:artikelinfo.php?id=
inurl:index2.php?option=	
inurl:look.php?ID=	
inurl:detail.php?ID=
inurl:readnews.php?id=	
inurl:newsone.php?id=	
inurl:index.php?=
inurl:top10.php?cat=	
inurl:aboutbook.php?id=	
inurl:profile_view.php?id=
inurl:newsone.php?id=	
inurl:material.php?id=	
inurl:category.php?id=
inurl:event.php?id=	
inurl:opinions.php?id=	
inurl:publications.php?id=
inurl:product-item.php?id=	
inurl:announce.php?id=	
inurl:fellows.php?id=
inurl:sql.php?id=	
inurl:rub.php?idr=	
inurl:downloads_info.php?id=
inurl:index.php?catid=	
inurl:galeri_info.php?l=	
inurl:prod_info.php?id=
inurl:news.php?catid=	
inurl:tekst.php?idt=	
inurl:shop.php?do=part&id=
inurl:index.php?id=	
inurl:newscat.php?id=	
inurl:productinfo.php?id=
inurl:news.php?id=	
inurl:newsticker_info.php?idn=	
inurl:collectionitem.php?id=
inurl:index.php?id=	
inurl:rubrika.php?idr=	
inurl:band_info.php?id=
inurl:trainers.php?id=	
inurl:rubp.php?idr=	
inurl:product.php?id=
inurl:buy.php?category=	
inurl:offer.php?idf=	
inurl:releases.php?id=
inurl:article.php?ID=	
inurl:art.php?idm=	
inurl:ray.php?id=
inurl:play_old.php?id=	
inurl:title.php?id=	
inurl:produit.php?id=
inurl:declaration_more.php?decl_id=	
inurl:news_view.php?id=	
inurl:pop.php?id=
inurl:pageid=	
inurl:select_biblio.php?id=	
inurl:shopping.php?id=
inurl:games.php?id=	
inurl:humor.php?id=	
inurl:productdetail.php?id=
inurl:page.php?file=	
inurl:aboutbook.php?id=	
inurl:post.php?id=
inurl:newsDetail.php?id=	
inurl:ogl_inet.php?ogl_id=	
inurl:viewshowdetail.php?id=
inurl:gallery.php?id=	
inurl:fiche_spectacle.php?id=	
inurl:clubpage.php?id=
inurl:article.php?id=	
inurl:communique_detail.php?id=	
inurl:memberInfo.php?id=
inurl:show.php?id=	
inurl:sem.php3?id=	
inurl:section.php?id=
inurl:staff_id=	
inurl:kategorie.php4?id=	
inurl:theme.php?id=
inurl:newsitem.php?num=	
inurl:news.php?id=	
inurl:page.php?id=
inurl:readnews.php?id=	
inurl:index.php?id=	
inurl:shredder-categories.php?id=
inurl:top10.php?cat=	
inurl:faq2.php?id=	
inurl:tradeCategory.php?id=
inurl:historialeer.php?num=	
inurl:show_an.php?id=	
inurl:product_ranges_view.php?ID=
inurl:reagir.php?num=	
inurl:preview.php?id=	
inurl:shop_category.php?id=
inurl:Stray-Questions-View.php?num=	
inurl:loadpsb.php?id=	
inurl:transcript.php?id=
inurl:forum_bds.php?num=	
inurl:opinions.php?id=	
inurl:channel_id=
inurl:game.php?id=	
inurl:spr.php?id=	
inurl:aboutbook.php?id=
inurl:view_product.php?id=	
inurl:pages.php?id=	
inurl:preview.php?id=
inurl:newsone.php?id=	
inurl:announce.php?id=	
inurl:loadpsb.php?id=
inurl:sw_comment.php?id=	
inurl:clanek.php4?id=	
inurl:pages.php?id=
inurl:news.php?id=	
inurl:participant.php?id=	 
inurl:avd_start.php?avd=	
inurl:download.php?id=	 
inurl:event.php?id=	
inurl:main.php?id=	 
inurl:product-item.php?id=	
inurl:review.php?id=	 
inurl:sql.php?id=	
inurl:chappies.php?id=	 
inurl:material.php?id=	
inurl:read.php?id=	 
inurl:clanek.php4?id=	
inurl:prod_detail.php?id=	 
inurl:announce.php?id=	
inurl:viewphoto.php?id=	 
inurl:chappies.php?id=	
inurl:article.php?id=	 
inurl:read.php?id=	
inurl:person.php?id=	 
inurl:viewapp.php?id=	
inurl:productinfo.php?id=	 
inurl:viewphoto.php?id=	
inurl:showimg.php?id=	 
inurl:rub.php?idr=	
inurl:view.php?id=	 
inurl:galeri_info.php?l=	
inurl:website.php?id=

intitle指定搜索的标题

intitle搜索关键字标题的关键字
咧:

1
intitle:后台登陆


随便打开一个

搜索索引目录

咧:

1
intitle:index of "parent directory"


随便打开一个

搜索索引密码

咧:

1
intitle:index of "password"


随便打开一个

搜索索引登录页面

咧:

1
intitle:index of "login"

随便打开一个

intext搜索正文存在的关键字

可以用intext来搜索网站是什么框架搭建的
咧:
CMS是一个比如织梦CMS

1
intext:powered "*CMS"

符号

他符号有-,*,"",~,..

-符号是搜索结果不能有什么关键字”sql注入”
*这个一看就能看出来比如我们搜索一个*.txt
""搜索结果必须有里面的关键字比如”sql注入”
~搜索出来的近意词
..搜索的时间比如2017..2020