Monday, June 1, 2015

Best Google Dorking tools

4 Great Google Dorking tools



1) GooDork

https://github.com/k3170makan/GooDork

GooDork is a simple python script designed to allow you to leverage the power of google dorking straight from the comfort of your command line. GooDork offers powerfull use of googles search directives, by analyzing results from searches using regular expressions that you supply. So basically the purpose of GooDork is to combined Dorking with Regular expressions


2) BinGoo

https://github.com/Hood3dRob1n/BinGoo

BinGoo is my version of an all-in-one dorking tool written in pure bash. It leverages Google AND Bing main search pages to scrape a large amount of links based on provided search terms. You can choose to search a single dork at a time or you can make lists with one dork per line and perform mass scans. Once your done with that, or maybe you have links gathered from other means, you can move to the Analyzing tools to test for common signs of vulnerabilities. The results are neatly sorted into their own respective files basedon findings. If you want to take further you can run them through the SQL or LFI tools which are some semi working homebrewed creations I made in bash or you can use the SQLMAP and FIMAP wrapper tools I wrote which work much better and with greater accuracy and results. I have also included a few neat features to make life easy, such as Geo dorking based on domain type or domain country codes or shared hosting checker which uses preconfigured Bing search and a dork list to find possible vulns on other sites on same server. I also included a simple admin page finder which simply works based on a provided list and server response codes for confirmation of existance. Together I think it all works as a nice little package!

3) Dork Searcher

http://sourceforge.net/projects/dorksearcher/

Dork Searcher is a small utility that enables you to easily use Google to search for SQLi vulnerable web servers. Saves the results in a text or XML file. Uses the Tor VPN/Proxy client or your own Socks 4a or 5 proxy server for anonymity. Over 350 Google Dorks included. Easily add your own to the list by simply editing a text file.

4) Xcode Scanner

http://sourceforge.net/projects/xcodescanner/

Wednesday, January 22, 2014

GooDork

GooDork 2.2 : Command line google dorking tool
by k3170makan

GooDork is a simple python script designed to allow you to leverage the power of google dorking straight from the comfort of your command line. GooDork offers powerfull use of googles search directives, by analyzing results from searches using regular expressions that you supply. So basically the purpose of GooDork is to combined Dorking with Regular expressions GooDork allows you to apply regular expressions to any and all of the follow attributes of web applications

*URL
*displayable Text
*anchors

Many more options will shortly be made available

Another thing I must say is that I'm using python regexes, so please read up on that, though staight forward text matching works just fine ;) GooDork 2.2 now allows the use of custom User-Agents with the '-U' switch. *** check out the 'NEW_FEATURES' file to see what I've added and improved in this version

Dependecies:

GooDork uses the following python packages to get pumping and jumping please make sure all of them are available

python beautifulsoup4
python-httplib
python-urllib
python-urlparse

See here to find out how to install BeautifulSoup4: http://www.crummy.com/software/BeautifulSoup/ You may need to install pip (pip - install Python packages) for *nix users this makes installing BeautifulSoup4 alot easier

Installing:

The only installation you need do is to download the entire script package, and make sure the dependencies -- listed above -- are installed on your machine

https://github.com/k3170makan/GooDork
© k3170makan