dorkbot is a modular command-line tool for Google dorking, which is performing vulnerability scans against a set of web pages returned by Google search queries in a given Google Custom Search Engine.
How dorkbot works
It is broken up into two sets of modules:
- Indexers – modules that issue a search query and return the results as targets
- Scanners – modules that perform a vulnerability scan against each target
Targets are stored in a local database file upon being indexed. Once scanned, any vulnerabilities found by the chosen scanner are written to a standard JSON report file. Indexing and scanning processes can be run separately or combined in a single command.
123456789101112131415161718192021222324 usage: dorkbot.py [–h] [–c CONFIG] [–b BLACKLIST] [–d DATABASE] [–i INDEXER][–l] [–o INDEXER_OPTIONS] [–p SCANNER_OPTIONS] [–s SCANNER][–v VULNDIR]optional arguments:–h, —help show this help message and exit–c CONFIG, —config CONFIGConfiguration file–b BLACKLIST, —blacklist BLACKLISTFile containing (regex) patterns to blacklist fromscans–d DATABASE, —database DATABASESQLite3 database file–i INDEXER, —indexer INDEXERIndexer module to use–l, —list List targets in database–o INDEXER_OPTIONS, —indexer–options INDEXER_OPTIONSIndexer–specific options (opt1=val1,opt2=val2,..)–p SCANNER_OPTIONS, —scanner–options SCANNER_OPTIONSScanner–specific options (opt1=val1,opt2=val2,..)–s SCANNER, —scanner SCANNERScanner module to use–v VULNDIR, —vulndir VULNDIRDirectory to store vulnerability output reports
The scanner module also needs:
You can download dorkbot here:
Or read more here.