Google dorks for bug bounty txt for bug bounty Activity. I only use Google Dork technique for fresh assets. gov. md at master · sushiwushi/bug-bounty-dorks Introducing "Dork Engine" – the ultimate bug bounty tool! Open multiple Google Dorks with a click, making vulnerability discovery and sensitive info hunting faster and easier. Generate Google Dorks for ethical hacking and bug bounty purposes. Contribute to 1n1t6Sh3ll/Bug-Bounty-Dorks-1 development by creating an account on GitHub. A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting Topics search google osint hacking bugbounty google-dorks ghdb ceh googledorks google-dorking-tool google-dorking-payloads google-dorks-for-hackers Helper Websites. Bounty target list: This ease the process of doing bug bounty for specific targets ! May 4, 2019 · List of Google Dorks to search for companies that have a responsible disclosure program or bug bounty program which are not affiliated with known bug bounty platforms such as HackerOne or Bugcrowd. Write a bug bounty report for the following reflected XSS: . Bug Bounty hunters can access a range of security-related dorks for vulnerability searches, while students are offered dorks related to academic resources. Bug hunters can look for hidden files Explore powerful Google Dorks curated for bug bounty hunting. Watchers. Google Dorks often exploit vulnerabilities like exposed files, directories, and login portals, making them a valuable tool for bug bounty hunters. Boost Your Bug Bounty Hunting Skills with Powerful Google Dorks. Now also added dark-web dorks (Educational Only!) (Hope this helps:) Use these tools and resources too 👍 Nov 8, 2021 · 400$ Bounty again using Google Dorks. A few great dorks to try and find admin login pages include the following: site:target. Start by identifying the target website or domain. One powerful tool in their arsenal is Google Dorks, which are specialized search queries that leverage Google's advanced search operators to discover hidden information. Google Dorking. Contribute to noiuytre/GOOGLE-DORKS development by creating an account on GitHub. Contribute to mr23r0/Bug-Bounty-Dorks development by creating an account on GitHub. It provides an attacker Mar 14, 2024 · Google-Dorks-Bug-Bounty - A List Of Google Dorks For Bug Bounty, Web Application Security, And Pentesting 2024-03-14T08:30:00-03:00 8:30 AM | Post sponsored by FaradaySEC | Multiuser Pentest Environment Zion3R Oct 29, 2023 · Message to every bug bounty hunter who is grinding to get their first bounty or to find their first bug: Keep learning. - Zarcolio/sitedorks You signed in with another tab or window. NETSurveillance uc-httpd - user:admin no passwords most likely. inurl:security "reward" inurl : /responsible disclosure Google Dorks for Bug Bounty. md at main · TakSec/google-dorks-bug-bounty The Dork Search Tools are designed to help bug bounty hunters and penetration testers find sensitive information and vulnerabilities on web applications. Google Dorks and keywords for bug hunters. Readme License. They can be a goldmine for bug bounty hunters, helping you uncover vulnerabilities and sensitive information hidden in plain sight. Here are some Google Dorks I use more often than not. Friend Link | Free Link. By leveraging advanced search operators, one can efficiently identify potential vulnerabilities and misconfigurations within target applications. A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting - google-dorks-bug-bounty/README. List of Google Dorks for sites that have responsible disclosure program / bug bounty program - dorks. Google Dork---- The Dork Search Tools are designed to help bug bounty hunters and penetration testers find sensitive information and vulnerabilities on web applications. Google Dorks are speciali I use a trick that ı found via a google dork, enter this on google search field: intitle:"Vulnerability Disclosure Program" OR intitle:"Vulnerability Disclosure Policy" site:. MIT license Activity. You switched accounts on another tab or window. Oct 28, 2023 · Google Dorks are powerful tools in the bug hunter’s toolbox, enabling security researchers to identify vulnerabilities, misconfigurations, and sensitive data exposures in web applications and For multiple domains, separate by comma. Github and Shodan on development ! No API Required: Operates without the need for API keys, reducing setup complexity. Hello Geeks :). This dork helps find open directories where web servers are indexing the contents. 🔵 DNSBin - The request. A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Jan 8, 2020 · Just like previous list of XSS dorks but this time for Open Redirect vulnerabilities. 0 forks Report repository Releases No releases published. inurl:bug bounty. , example1. The results will give you the VDPs where you can hunt and report the bugs you find via email to each company individually. com, example2. 1. Enter a domain: Update Domain. com OR site:. BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation. . Jan 8, 2020 · Browse Bug Bounty Programs Browse active bug bounty programs run by website owners: Report a Vulnerability Tag: google dorks Top 100 Open Redirect dorks. The dorks are shared to help security A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting - ronin-dojo/google-dorks-bug-bounty2 List of Google dorks to find Public Bug Bounty Programs/Responsible Disclosure Programs - Giddyspurz/Bug-Bounty-Dorks Useful Google Dorks for WebSecurity and Bug Bounty - Proviesec/google-dorks For multiple domains, separate by comma. 0 stars Watchers. Nov 9, 2022 · 4. The tools consist of two separate search engines, one for Google and one for GitHub, that allow users to search for specific keywords, known as dorks, that can reveal sensitive information Google Dorks and keywords for bug hunters. I will tell you here how I found it and what kind of swag I got… Feb 7, 2023 · Special Google searches called “dorks” can be used to reveal sensitive data and identify targets for bug bounty hunting and penetration testing. You signed out in another tab or window. As a bug bounty hunter, list ways ChatGPT can save me time for recon, find a good program, learn technical skills Sep 26, 2023 · Fresh Targets + Google Dorks. aspx A list of Google/Shodan/Github Dorks for Bug Bounty, Web Application Security, and Pentesting - Ethical-gerson/dorks Jan 20, 2025 · How to Find Your 1st Easy Bug as a Bug Bounty Hunter (Step-by-Step Guide) On Real Live Websites If u cant read the article joined the discord server to read it from there : Feb 7 Collection of Dorks: The dorks provided in this repository are collected from various public sources across the internet. . Choose a role to get tailored dorks for vulnerabilities or educational resources. inurl:uux. Additional Resources. If you're working within the scope of a bug bounty program, focus on the specific website provided by the Nov 24, 2023 · Technique 3#: Using Google’s Custom Search Engine. txt at main · Zierax/G-dorks Welcome to the Google Dork Bug Hunting Series, where we explore the world of Google Dorks and their implications for cybersecurity. Reconnaissance is the most important step in any penetration testing or a bug hunting process. Contribute to 0xParth/All-Bug-Dorks development by creating an account on GitHub. For example: inurl /bug bounty; inurl : / security; inurl:security. The last technique were inspired by famous Bug Hunter @HusseiN98D, so all kudos goes to him on this one. Contribute to SandeepkrishnaS/Google-dork-bug-bounty development by creating an account on GitHub. Hey hunters! This writeup is my Second writeup I’ll share with you how I get 400$ Bounty again using Google Dorks. Google Dorks For Bug Bounty; 5 Google Dorks Every Hacker Needs to Know Nov 25, 2024 · The utilization of Google dorking as a tool in bug bounty programs is an invaluable strategy for security researchers. Common Google Dork Queries. The key in my methodology is that I only look for legacy applications. inurl:url You signed in with another tab or window. 1 watching Forks. Dorks for Bug Bounty Hunting. Bug bounty pages often include terms like: A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting - TakSec/google-dorks-bug-bounty Jun 30, 2023 · These examples showcase how Google Dorks can be used for security research and bug bounty hunting, providing a starting point for those interested in this field. A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting - MohammadAassif/googles-dorks-bug-bounty Oct 20, 2024 · Read writing about Google Dork in InfoSec Write-ups. Advanced Google Dorks for Bug Bounty Hunting 1. com -www -shop -share -ir -mfa Nov 24, 2023 · Technique 2#: Google Sheets Extension to Collect Google Search Results. Chapter 16: Bug Bounty Platforms. g. It made me realize that this could be a very powerful approach for findings some sensitive data. txt Oct 14, 2024 · In this article, we will explore the concept of Google Dorking, how it can be used by both common users and bug bounty hunters, and provide you with some powerful Google dorks to help you get started. Bug bounty dorks (includes private programs), shodan, github, CCTV, CMS dorks, lfi, sqli, xss, more vulns + an extra 1Mil+ dorks. Let’s begin! I started hunting with some google Introducing "Google Dork Engine" - your ultimate bug bounty tool! Discover vulnerabilities and sensitive information effortlessly. This website revolutionizes the process by allowing you to open multiple Google Dorks with just one click. 0 watching Jul 20, 2023 · And for fellow bug bounty hunters, don’t underestimate the power of tools like Google Dorks in finding potentially impactful vulnerabilities. intext:responsible disclosure. Automate those dorks. The key to finding bug bounty programs with Google dorks is to think about the common words, phrases, and page elements that programs tend to use. May 4, 2019 · List of Google Dorks for sites that have responsible disclosure program / bug bounty program. The repository owner does not claim ownership of these dorks. Jan 5, 2023 · Google dorks are special search terms that can help you find hidden information or vulnerabilities on websites. Use these search queries to uncover hidden vulnerabilities and sensitive data - by VeryLazyTech. inurl Useful Google Dorks for WebSecurity and Bug Bounty - whalebone7/google-dorks Google dorks for finding bug bounty programs. 0 watching. inurl:security. Contribute to dhavaljaihind/Bug-Bounty-Dorks development by creating an account on GitHub. Hall of Fame among 2500+ other hunters Some of these dorks are old as fuck just FYI :-) hacked-router-help-sos - Hacked routers :D. List of Google Dorks for sites that have responsible disclosure program / bug bounty program - bug-bounty-dorks/dorks. First with most common parameters then parameters along with path. com -www -shop -share -ir -mfa Jun 20, 2024 · Google Dorks Search by Biscuit. In many platforms the various programs are not always public - some may be public, some maybe unlisted but public, some may be private and some may be invite-only. Information Security. google dorks for locate important files, information and accesses - G-dorks/google-dorks-for-bug-bounty-programs. Best google dorks for finding bug bounty programs, VDP and Responsible Disclosure Programs Resources. they are not responsible for us in Sep 26, 2023 · Fresh Targets + Google Dorks. Chapter 15: Google Dorks. intext:bug bounty. You can report security vulnerabilities to our vulnerability reward program (VRP), read up on our program rules (including rewards on offer), access learning content, and much more… Sep 29, 2024 · Here’s a list of common vulnerable parameters you can use with Google Dorks to identify potential security issues: ⚡️ Identifying Vulnerable Parameters Using Google Dorks ⚡️ D iscover various vulnerabilities such as XSS, Open Redirect, Server Errors, SQL Injection, SSRF, LFI, and RCE by utilizing Google Dorks to expose potential Dec 12, 2021 · The first step of effective bug bounty hunting is in depth reconnaissance; Google Dorks (other dorks are available*) are pieces of text which give you more functionality to a search engine. com inurl List of Google Dorks for sites that have responsible disclosure program / bug bounty program - dorks. In summary, I consider this a successful venture into bug bounty hunting with Grafana and look forward to hunting for more in the future. Start with “site:<domain>”. Reload to refresh your session. Aug 19, 2024 · Google Dorks Bug Bounty 项目教程 google-dorks-bug-bountyA list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting项目地址:https Write a bug bounty report for the following reflected XSS: . org OR site:. Stars. He made a tweet about using a custom search engine for all bug bounty programs. Because of that, it could be a new approach to collect huge list of Google search results. Aug 24, 2024 · This article will talk about how to find information disclosure bug via google dorks. bin of DNS! 🔵 WordPress Scan #1 🔵 WordPress Scan #2 🔵 Facebook Certificate Transparency Monitoring [Recon] 🔵 IP converter 🔵 Domain History Checker 🔵 Source code search engine Part 2: Learn practical and hidden dorks to target sensitive bounty earning leaks and sensitive files. github. Bug Bounty programs and Vulnerability Disclosure Programs "submit vulnerability report" | "powered by bugcrowd" | "powered by hackerone" A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting - rix4uni/google-dorks-bug-bounty Jul 5, 2024 · Automated Google Dorking: Simplifies the process of finding vulnerable targets using predefined Google dorks. A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting. Cloud Storage Dorks. Chapter 17: Mindmaps for Recon and Bug Bounties List of Google dorks to find VDPs and Bug Bounty Programs - BH4R4T-SINGH/Bug_Bounty-Google_Dorks Aug 24, 2023 · In the world of bug bounty hunting, researchers employ various techniques to identify vulnerabilities in websites and applications. IPC$ all storage devices - Home routers' storage or attached USB Storage (Many with no PW) This search engine automates the discovery of sensitive information using customized dorks across GitHub, Google, and Shodan. Google dorks for bug bounty hunting Topics. Compared from the previous technique, this could be used with multiple targets at once. This page contains a streamlined methodology tailored for Bug Bounty Hunting, Web Application Penetration Testing (WAPT), and Vulnerability Assessment and Penetration Testing (VAPT). List of Google Dorks for sites that have responsible disclosure program / bug bounty program - bug-bounty-dorks/README. 1 star Watchers. Google Dorks for Bug Bounty. 2 watching. Use Markdown. 0 watching An insane list of all dorks taken from everywhere from various different sources. com Jul 5, 2023 · By utilizing these 40 Google Dorks, you can uncover hidden bug bounty programs that offer rewards and recognition for identifying vulnerabilities. Oct 17, 2021 · DorkScan is a web app that helps bug bounty hunters and students generate Google Dork queries. of. Just looking for easy XSS 😁. The tools consist of two separate search engines, one for Google and one for GitHub, that allow users to search for specific keywords, known as dorks, that can reveal sensitive information You signed in with another tab or window. 4️⃣ Security txt Files Oct 18, 2024 · Step 2: Crafting Your Google Dorks. Contribute to 0xPugal/Awesome-Dorks development by creating an account on GitHub. com”. Explore a comprehensive collection of Google Dorks tailored for Bug Bounty hunting and cybersecurity research. Sep 28, 2024 · If you want to find self hosted bug bounty programs then you can use following dorks. Biscuit Google Dorks is a specialized search tool for bug bounty hunters, packed with 45+ elite dorks for finding sensitive files, login panels, and vulnerable Dec 28, 2019 · It’s the end of the year and a good time to share things with people. Common File Extensions for Web Applications Jul 30, 2024 · What Are Google Dorks? 🤔. A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting Resources. Jun 27, 2023 · Find Admin Using Google Dork 🌐; can be a treasure trove for bug bounty hunters. May 4, 2019 · Introduction Bug bounty/vulnerability disclosure platforms are used by companies to coordinate the reporting, triaging and in some case, rewarding, of security vulnerabilities. txt at master · sushiwushi/bug-bounty-dorks. Include: Title, VRT, CVSS, Description, Impact, PoC that includes all steps to reproduce, and recommended Fix. inurl /bug bounty. 12 stars. Google Dorks are search queries designed to find specific types of information within Google’s index. Google Dorks For Bug Bounty; 5 Google Dorks Every Hacker Needs to Know; Uncover Hidden Gems in the Cloud with Google Dorks; 10 Google Dorks for Sensitive Data People can use Google Dorks to discover these vulnerabilities by searching for specific patterns and keywords that indicate potential security flaws. 0 watching For multiple domains, separate by comma. Why Use Google Dorks? Bug Bounty. List of Google Dorks for sites that have responsible disclosure program / bug bounty program - sushiwushi/bug-bounty-dorks See full list on github. Jul 5, 2023. Stay ahead of the curve and elevate your bug Oct 21, 2024 · Many companies also use popular bug bounty platforms like HackerOne and Bugcrowd to manage their programs. Whether you‘re an aspiring bug bounty hunter, a curious web surfer, or a seasoned security professional, understanding how to leverage Google dorks can open up a whole new world of possibilities for finding information online. com inurl:admin intitle:login site:website. Google Bug Hunters is aimed at external security researchers who want to contribute to keeping Google products safe and secure. Google Dorks For Bug Bounty; 5 Google Dorks Every Hacker Needs to Know Useful Google Dorks for WebSecurity and Bug Bounty - osintin1/google-dorks-1 Google dorks for bug bounty and pentesting. Oct 25, 2024 · The following google dork github link will help you to achieve the same. As a bug bounty hunter, list ways ChatGPT can save me time for recon, find a good program, learn technical skills Apr 2, 2019 · Browse active bug bounty programs run by website owners: Google Dorks to find open redirects: Posted on April 2, 2019 April 2, 2019 by MiguelSantareno. com. 0 stars. Packages 0. List of Google dorks to find VDPs and Bug Bounty Programs - BH4R4T-SINGH/Bug_Bounty-Google_Dorks Dec 26, 2024 · 2️⃣ BBP (Bug Bounty Program) Similarly replace “vulnerability disclosure program” to “bug bounty program” and same dorks like in VDP. Unleash the power of efficient bug hunting and secure your target with ease Resources Jul 2, 2024 · Enter Google Dorks – a technique that turns the world’s most popular search engine into a hacking tool. You can run Nuclei or run Wayback + kxss. io Google Dorks for Bug Bounty. GitHub Repo. inurl : / security. Readme Activity. Hai, Hello, Vanakam to the all the Hackers. ( I usually prefer this one’s) bug-bounty-dorks/dorks. Then, exclude boring pages with “-www” or other terms until you get to the juicy stuff: site:tesla. Whether you’re conducting penetration testing, researching for a bug bounty, or securing your systems, mastering Google Dorking opens up a world of possibilities. inurl:url I use a trick that ı found via a google dork, enter this on google search field: intitle:"Vulnerability Disclosure Program" OR intitle:"Vulnerability Disclosure Policy" site:. To my knowledge, I haven’t seen anyone in the bug bounty community using this. Here’s an extensive list of Google Dorks you can use for bug bounty hunting across various platforms, including common files, sensitive directories, configurations, and potential vulnerabilities. After having scanned more than a million websites in order to find XSS and Open Redirect vulnerabilities, I took the time to do statistics on the most vulnerables parameters. security bugbounty google-dorks Resources. For this reason, I’ll call it “redacted. Access powerful tools and insights: explore Google dorks, HackerOne reports, and bug bounty writeups. 3️⃣ RDP (Responsible Disclosure Program) Similarly replace “vulnerability disclosure program” to “responsible program” and same dorks like in VDP. com inurl:admin intitle:admin intext:admin google dorks. Uncover vulnerabilities, enhance web security, and improve your ethical hacking skills with our curated list of dorks for various exposures and misconfigurations. net OR site:. The tool allows custom searches, displaying clickable dorks in real-time with a clean, responsive design for easy use across devices. Google Dorks For Bug Bounty; 5 Google Dorks Every Hacker Needs to Know; Uncover Hidden Gems in the Cloud with Google Dorks; 10 Google Dorks for Sensitive Data Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection. Educational Purpose: This repository is intended solely for educational and research purposes in the field of cybersecurity. List of Google Dorks to search for companies that have a responsible disclosure program or bug bounty program which are not affiliated with known bug bounty platforms such as HackerOne or Bugcrowd. bug-bounty google-dorks github-dorks vulnerability-discovery shodan-dorks Updated Oct 16, 2024 Google dorks to find Bug Bounty Programs. Feb 16, 2022 · A swag for a Open Redirect — Google Dork — Bug Bounty Hello Folks 👋,I have found a good open redirect with my param scanner. Dec 2, 2023 · Unlock 25 advanced Google dorks for OSINT and Bug Bounty hunting, revealing security vulnerabilities and open-source intelligence You can find Some VDP’s on famous bug bounty platforms too like: Bugcrowd; Hackerone; Intigriti; If you want to find less-targeted bug bounty programs, you can use Google dorks. Lets start ! The company didn’t want me to publish their name. Sep 11, 2024 · By mastering the art of using Google Dorks, responsibly reporting vulnerabilities through bug bounty platforms, and continuing to improve your skills, you can make a real impact in the world of A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting osint yandex hacking wordlist web-security search-engines bugcrowd dork websecurity reconnaissance dorking google-dorking-payloads google-dorks-for-hackers googe-dorking You signed in with another tab or window. Google Dorks For Bug Bounty; 5 Google Dorks Every Hacker Needs to Know Feb 13, 2025 · A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting Broad domain search w/ negative search site:example. com Oct 28, 2023 · Google Dorks Examples: Finding Open Directories:; intitle:index. With this in mind, here are some of my favorite dorks for finding bug bounty programs, broken down by category: Program Pages. txt at master · sushiwushi/bug-bounty-dorks Useful Google Dorks for WebSecurity and Bug Bounty - Proviesec/google-dorks Jan 2, 2025 · If you want to learn more knowledge about Bug Bounty Tuesday, please be sure to take a look at my latest articles. Google Dorks are special search queries that can help you find specific Sep 22, 2024 · As a Technology and Internet expert at Google, one of the most fascinating and powerful tools I get to work with every day are Google dorks. txt. Probably the oldest method on this list, but it still works like a charm if you’re in a pinch. Some common Google Dork queries used in bug bounty A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting Resources. Chapter 17: Mindmaps for Recon and Bug Bounties. they are not responsible for us in Bug Bounty Hunting Methodology. Cloud storage services like Amazon S3, Microsoft Azure Blob Storage, Google Cloud, and Google Drive can often contain sensitive information. Let’s me introduce myself I’m Chandan das from India and I’m a web penetration tester. Practical Implementation of Concurrency-Safe Map Structures in Go — Code Thursday when multiple goroutines try to write to the same map simultaneously, concurrency issues arise, resulting in race… A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting Resources. Jul 3, 2023 · 40 Google Dorks to Find Bug Bounty Programs: Unveiling the Hidden Site. For example, a simple Google Dork query can reveal exposed databases, login pages, and other critical information. intext:bug bounty reward. By using specific search strings, we can narrow down our focus to relevant results. Google, Shodan, Github. Feb 16, 2024 · hello user mira welcome to the bug bounty application, this application is designed as a cyber security test kit, with this application you can test the security vulnerabilities of your own internet address's server and take precautions, on the other hand, you can legally use it for bug bounty transactions. e. site:example. Boost your bug bounty game! - dorkengine/dorkengine. Qasim Mahmood Khalid. Oct 21, 2024 · Now that you know the basics, let‘s see how we can apply them to find some juicy bug bounty programs! Dorks for Finding Bug Bounty Programs. For more such Google Dorks, feel free to check out this GitHub repository . Feb 10, 2024 · Google Dorking is an invaluable skill in the cybersecurity toolkit, offering deep insights into the digital landscape’s vulnerabilities and hidden treasures. Broad domain search w/ negative search. After choosing a role and dork type, users input search terms to generate and display specific Google Dork queries. My Favorite Google dork. txt Explore powerful Google Dorks curated for bug bounty hunting. txt; inurl:security “reward” inurl : /responsible disclosure; inurl : /responsible-disclosure Bug Hunting & InfoSec Tools. Explore powerful Google Dorks curated for bug bounty hunting. com intitle:/admin site:website. Hi geeks, it4chis3c came-up with another bounty earning write-up in the Bug Bounty Hunting Series: Aug 30, 2023 · They are particularly useful for finding sensitive data, misconfigured servers, and potential entry points for malicious activities. Dec 8, 2024 · I keep repeating in most of the google dorking articles that I published previously, you may get new results when you keep monitoring daily two times for new data (google search tools: filter by date,time and custom range) and that’s how you get rid of duplicates most of the time. Use these dorks to find a company‘s main bug bounty or vulnerability disclosure page: site:example. Apr 2, 2019 · Browse active bug bounty programs run by website owners: Google Dorks to find open redirects: Posted on April 2, 2019 April 2, 2019 by MiguelSantareno. thudz pvf rcihevu kzmktgaao niaig bcjcr zguasw rkyoa wgyb byp ywcha sqt yzzaj qpyw lcwdrto