Hello everyone, I’m Kerstan.
Today is Bug Bounty Tuesday, and I will share some Google dork tips for bug bounty.
So, let’s dive right in.
1. Find buckets and sensitive data
site:s3.amazonaws[.]com "target[.]com"
site:blob.core[.]windows[.]net "target[.]com"
site:googleapis[.]com "target[.]com"
site:drive[.]google[.]com "target[.]com"
Search for documents on popular clouds
site:drive.google.com <searchterm>
site:dl.dropbox.com <searchterm>
site:s3.amazonaws.com <searchterm>
site:onedrive.live.com <searchterm>
site:cryptome.org <searchterm>
2. Find env file
Juicy extensions
ext:log | ext:txt | ext:conf | ext:cnf | ext:ini | ext:env | ext:sh | ext:bak | ext:backup | ext:swp | ext:old | ext:~ | ext:git | ext:svn | ext:htpasswd | ext:htaccess site:example[.]com
3. Find old site
Unexpected results with this one
site:example[.]com -inurl:https
“site:example[.]com” Searches specifically within the example[.]com domain.
“-inurl:https” Excludes URLs that contain “https”, filtering for pages served over HTTP.
“inurl:” Searches URLs containing specific text.
“demo | dev | staging | test | sandbox:” URL contains any of these keywords.
“site:example[.]com”: Restricts search to a specific domain. Replace “example[.]com” with the desired target domain without the brackets.
4. Find Test Environments
inurl:demo | inurl:dev…
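Added example, not from the original article: the extension list from section 2 turned into a check a site owner can run over their own published paths (from a sitemap or a document-root listing) to find files that dork would surface. The ALLOWED set, the function names and the sample paths are assumptions constructed for illustration.

```python
from pathlib import PurePosixPath

# Extensions taken from the article's "juicy extensions" dork (section 2).
RISKY_EXTS = {"log", "txt", "conf", "cnf", "ini", "env", "sh", "bak", "backup",
              "swp", "old", "git", "svn", "htpasswd", "htaccess"}
# Assumption: plain-text files a site normally publishes on purpose.
ALLOWED = {"robots.txt", "security.txt", "humans.txt", "ads.txt"}

def classify(url_path):
    """Return the reason a published path matches the dork, or None."""
    parts = PurePosixPath(url_path.split("?", 1)[0]).parts
    name = parts[-1] if parts else ""
    # .git / .svn are directories: anything beneath them is exposed metadata.
    for part in parts[:-1]:
        if part in (".git", ".svn"):
            return f"inside {part} directory"
    if name.lower() in ALLOWED:
        return None
    if name.endswith("~"):
        return "editor backup (~)"  # the ext:~ case
    # Dotfiles such as .env or .htpasswd have no stem; treat the text
    # after the last dot as the extension.
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    return f"ext:{ext}" if ext in RISKY_EXTS else None

def audit(paths):
    """Map each flagged path to its reason, preserving input order."""
    findings = {}
    for p in paths:
        reason = classify(p)
        if reason:
            findings[p] = reason
    return findings

# Constructed sample: paths as they might come from a sitemap or a
# listing of your own document root.
SAMPLE = [
    "/index.html", "/robots.txt", "/.env", "/app/config.ini",
    "/backup/db.sql.bak", "/.git/config", "/notes.txt?v=2",
    "/index.php~", "/.index.php.swp", "/static/app.js",
]

if __name__ == "__main__":
    for path, reason in audit(SAMPLE).items():
        print(f"{reason:28} {path}")
```

Anything it flags is a candidate for removal from the web root or for an access rule before a search engine indexes it.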