pip install -r requirements.txt
It is highly recommended to add more dorks for an effective search, keep reading to see how
python DorkMe.py --help
Examples:
python DorkMe.py --url target.com --dorks vulns -v (recommended for test)
python DorkMe.py --url target.com --dorks Deprecated,Info -v (multiple dorks)
python DorkMe.py --url target.com --dorks all -v (test all)
DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.
Any idea, failure etc please report to telegram: blueudp
dork folder contains -> dorks to search, result folder contains -> results of DorkMe execution
Tested in ParrotOS and Kali Linux 2.0
Remember DorkMe is beta, to avoid bans DorkMe wait about 1 minute on each request and 3 minutes every 100 requests
If you want to add new dorks put it in one of the files in the dorks folder (preferable in its category), if it is not, you can add it to mydorks.txt. to add it: in the first line add the dork, in the second the severity: high , medium or low, and finally its description, look at the other files to do it correctly Dork List:
http://www.conzu.de/en/google-dork-liste-2018-conzu/
https://www.exploit-db.com/google-hacking-database/
Find admin Panels: https://starhackx.blogspot.com/2014/02/list-of-dorks-to-find-admin-panels_23.html#.W27U5uFKjV0
EXAMPLE:
inurl:php?id= [enter]
high [enter]
SQLi [enter]
(space)
another dork
To install on termux run pip2 and python2 instead of pip and python
Google hacking, also named Google dorking, is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.
For example, SQL injection usually has this structure in the url "file.php? Id = [vuln]", to look for pages vulnerable to SQLi we can use the operator "inurl:", which only shows results with X string in the url , we can also use the "filetype: [extension]" operator to search for sensitive files, a hyphen in front of a word so that the word does not appear in the search, quote a phrase or word to ALWAYS appear in the search results, etc.
List of special operators: https://ahrefs.com/blog/google-advanced-search-operators/
Name: Eduardo Pérez-Malumbres
Telegram: @blueudp
Twitter: https://twitter.com/blueudp
dorkme's People
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.