Tuesday, June 9, 2015

intext:powered by joomla & filetype:sql -github

Find SQL dumps from Joomla :

intext:powered by joomla & filetype:sql -github

intext:powered by joomla & filetype:sql -github

intext:Black Stealer v2.0 & filetype:txt

Find Black Stealer files :

Juicy passwords...

intext:Black Stealer v2.0 & filetype:txt
intext:Black Stealer & filetype:txt

Monday, June 1, 2015

Best Google Dorking tools

4 Great Google Dorking tools

1) GooDork


GooDork is a simple python script designed to allow you to leverage the power of google dorking straight from the comfort of your command line. GooDork offers powerfull use of googles search directives, by analyzing results from searches using regular expressions that you supply. So basically the purpose of GooDork is to combined Dorking with Regular expressions

2) BinGoo


BinGoo is my version of an all-in-one dorking tool written in pure bash. It leverages Google AND Bing main search pages to scrape a large amount of links based on provided search terms. You can choose to search a single dork at a time or you can make lists with one dork per line and perform mass scans. Once your done with that, or maybe you have links gathered from other means, you can move to the Analyzing tools to test for common signs of vulnerabilities. The results are neatly sorted into their own respective files basedon findings. If you want to take further you can run them through the SQL or LFI tools which are some semi working homebrewed creations I made in bash or you can use the SQLMAP and FIMAP wrapper tools I wrote which work much better and with greater accuracy and results. I have also included a few neat features to make life easy, such as Geo dorking based on domain type or domain country codes or shared hosting checker which uses preconfigured Bing search and a dork list to find possible vulns on other sites on same server. I also included a simple admin page finder which simply works based on a provided list and server response codes for confirmation of existance. Together I think it all works as a nice little package!

3) Dork Searcher


Dork Searcher is a small utility that enables you to easily use Google to search for SQLi vulnerable web servers. Saves the results in a text or XML file. Uses the Tor VPN/Proxy client or your own Socks 4a or 5 proxy server for anonymity. Over 350 Google Dorks included. Easily add your own to the list by simply editing a text file.

4) Xcode Scanner