Google Dorks

Google Dorks技术是一种利用Google的高级搜索功能来发现网上隐藏的信息的方法。Google Dorks,或者Google Hacks,是指一些特殊的搜索命令(包括特定的参数和搜索操作符),当输入到Google搜索栏时,可以显示网站的一些不公开的部分。

在线网站

自动化工具

pip3 install -r requirements
# Use --siterestrict if you have configured less than 10 domains in the cseid
python3 gorks.py --cseid <cseid> --dorks ./ghdb.json [--api-key <api_key>|--api-keys-file </path/apikeys>] [--siterestrict] [--json-file </oath/to/json_file>] 2>/dev/null
python googd0rk.py domain
git clone https://github.com/six2dez/dorks_hunter
cd dorks_hunter
pip3 install -r requirements.txt

> python3 dorks_hunter.py -h
usage: dorks_hunter.py [-h] --domain DOMAIN [--results RESULTS] [--output OUTPUT]

Simple Google dork search

options:
  -h, --help            show this help message and exit
  --domain DOMAIN, -d DOMAIN
                        Domain to scan
  --results RESULTS, -r RESULTS
                        Number of results per search, default 10
  --output OUTPUT, -o OUTPUT
                        Output file
./goohak domain.com
git clone https://github.com/opsdisk/pagodo.git
cd pagodo
virtualenv -p python3.7 .venv  # If using a virtual environment.
source .venv/bin/activate  # If using a virtual environment.
pip install -r requirements.txt

python pagodo.py -d example.com -g dorks.txt 

Google Dorks 集合

Dorks

site:http://ideone.com | site:http://codebeautify.org | site:http://codeshare.io | site:http://codepen.io | site:http://repl.it | site:http://jsfiddle.net "company"
//代码共享
site:github.com | site:gitlab.com | site:bitbucket.org "company"
site:stackoverflow.com "target.com"
site:http://trello.com | site:*.atlassian.net "company"
//项目管理站点
site:http://justpaste.it | site:http://pastebin.com "company"
site:target.com ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:env | ext:ini
//配置文件
site:target.com ext:sql | ext:dbf | ext:mdb
//数据库文件
site:target.com ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup
//备份文件
inurl:"/.git" target.com -github
//git文件
site:target.com ext:doc | ext:docx | ext:odt | ext:pdf | ext:rtf | ext:sxw | ext:psw | ext:ppt | ext:pptx | ext:pps | ext:csv
//公开文件
site:target.com intitle:index.of | ext:log | ext:php intitle:phpinfo "published by the PHP Group" | inurl:shell | inurl:backdoor | inurl:wso | inurl:cmd | shadow | passwd | boot.ini | inurl:backdoor | inurl:readme | inurl:license | inurl:install | inurl:setup | inurl:config | inurl:"/phpinfo.php" | inurl:".htaccess" | ext:swf
//其它文件
site:target.com intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"incorrect syntax near" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()" | intext:"Warning: mysql_query()" | intext:"Warning: pg_connect()"
//SQL 错误
site:target.com "PHP Parse error" | "PHP Warning" | "PHP Error"
//PHP错误
site:target.com inurl:signup | inurl:register | intitle:Signup
//登录页面
site:target.com inurl:redir | inurl:url | inurl:redirect | inurl:return | inurl:src=http | inurl:r=http
//重定向
site:target.com ext:action | ext:struts | ext:do
//Apache Struts RCE
site:pastebin.com target.com
site:linkedin.com employees target.com
//领英员工搜索
site:target.com inurl:wp-content | inurl:wp-includes
//WordPress文件
site:*.target.com
//子域名
site:*.*.target.com
//子域名
site:.s3.amazonaws.com | site:http://storage.googleapis.com | site:http://amazonaws.com "target"
//S3桶
intitle:traefik inurl:8080/dashboard "target"
intitle:"Dashboard [Jenkins]"