google-dorks-catalog
CommunityFind exposed secrets and configs with validated Google dorks.
Data & Analytics#penetration testing#google dorks#passive reconnaissance#exposed secrets#credential hunting#config leaks
Authoruphiago
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Manually crafting effective Google dorks to locate exposed sensitive data like credentials, configuration files, and secrets is time-consuming and often yields low-quality results, especially during the critical passive reconnaissance phase of security assessments.
Core Features & Use Cases
- Validated High-Precision Dorks: 100+ real-world tested queries for exposed files, service-specific secrets (AWS, Firebase, Supabase, etc.), and configuration leaks confirmed against 100+ real targets.
- GitHub Code Search Patterns: Pre-built API queries to find leaked credentials in public GitHub repositories, with filters to reduce false positives from example code.
- Use Case: For example, during the initial passive recon phase of a penetration test, use this skill to quickly identify exposed .env files, API keys, and private keys for a target domain without triggering active scanning alerts.
Quick Start
Use the google-dorks-catalog skill to run the validated exposed config dorks for your target domain to identify any publicly leaked sensitive files and credentials.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: google-dorks-catalog Download link: https://github.com/uphiago/recon-skills/archive/main.zip#google-dorks-catalog Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.