⚠️ Disclaimer: All dorks and techniques discussed below is only for educational and ethical vulnerability research purposes. Author not responsible for any actions!
1️⃣ XML Namespace
site:api.*.com "<xmlns"
site:api.*.gov "<xmlns"2️⃣ Joomla CMS Related Endpoint
site:*.gov inurl:option=com_users
site:*.com inurl:option=com_users3️⃣ PhpMyAdmin Setup Page
inurl:"/phpmyadmin/scripts/setup.php"
4️⃣ WP JSON Endpoint
inurl:"/wp-json/" intext:"application-passwords"
inurl:"/wp-json/v2" site:gov
inurl:"/wp-json/" intext:"database" "}}}"
inurl:"/wp-json/" intext:"backup" "}}}"
inurl:"/wp-json" intext:"/v4" "{{" "context"
inurl:"/wp-json" intext:"/v3" "{{" "context"
inurl:"/wp-json" intext:"/connect" "endpoints" "}}}"
5️⃣ Register as XYZ
"register as staff" "password" "username"
"register as admin" "password" "username"
"register as employee" "password" "username"
"register as student" "password" "username"
"register as guest" "password" "username"
Take help of AI
1. Make a nuclei template to match the keyword "register as" and atleast one
keyword from username,password,login
2. Whenever a match is found, I also need to print in the nuclei results the
main keyword after "register as",means register as "admin", "employee",
"staff", "student", etc...
3. I also want to know how the original nuclei results with this template
will display or look like in terminal, just to clarify beforehand whether
it's what I want 
👇 Complete Series on Advanced Google Dorking