• Stars
    star
    813
  • Rank 56,088 (Top 2 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created over 4 years ago
  • Updated 2 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.

Want to get the latest updates?
Be sure to ⭐ this repo!

About SiteDorks

Search Google, Bing, Brave, Ecosia, Yahoo or Yandex for a search term with several websites. A default list is already provided, which contains Github, Gitlab, Surveymonkey, Trello etc etc. Currently, a default list of 559 dorkable websites is available.

By default, the following categories are on file:

  • analysis(13)
  • cloud(83)
  • comm(82)
  • dev(69)
  • docs(77)
  • edu(12)
  • fin(15)
  • forms(12)
  • orgs(51)
  • other(7)
  • remote(1)
  • shortener(37)
  • social(92)
  • storage(9)

Why use SiteDorks?

Why wouldn't you just enter dorks for several websites manually? Think of this:

  • It's really easy to query different search engines.
  • Dorks can be executed per 1 or more categories.
  • It's easy to create different input files for different uses.
  • Adding new websites to your search query can be arranged by just adding them to an input file (either a CSV with categories or just a list of sites).
  • It already has a lot of dorkable websites included.
  • The list with dorkable websites is updated regularly.
  • Some search engines ignore too many keywords/characters in a query and with argument -count it's easy to split your dork into more queries.
  • It contains a list of several bug bounty platforms. With 1 command you can search domains of programs on several bug bounty platforms. Find the "easter egg" in this feature :)
  • It contains generic lists for other counties such as China, France, Germany, Korea, The Netherlands and Russia.
    • Need help here with generic lists for other countries, both with more entries in the current lists and with more lists.
  • It contains a list of Dutch governmental agencies and educational services. With 1 command you can search domains of either the Dutch government or educational services.
    • Need help here with other lists that can be useful, for example domains of government and educational services in other countries.
  • Because you want to help plant more trees using the search engine Ecosia (Bing based).

Install

SiteDorks should be able to run with a default Kali Linux installation using Python 3 without installing additional Python packages. Just run:

git clone https://github.com/Zarcolio/sitedorks
cd sitedorks
bash install.sh

If you're running into trouble running SiteDorks, please drop me an issue and I'll try to fix it :)

Usage

usage: sitedorks [-h] [-browser <browser>] [-cat <category>] [-cats] [-count <count>] [-engine <engine>] [-file <file>]
[-query <query>] [-site <on|off|inurl>] [-excl <domains>] [-echo]

Use your favorite search engine to search for a search term with different websites. Use single quotes around a
query with double quotes. Be sure to enclose a query with single quotes it contains shell control characters like
space, ';', '>', '|', etc.

optional arguments:
  -h, --help            Show this help message, print categories on file (add -file to check other CSV file) and exit.
  -hh, --help2          Show the help inside a .csv file being called. Lines in the beginning of the script starting with # are displayed as help.
  -browser <browser>    Supply the browser executable to use or use the default browser.
  -cat <category>       Choose from 1 or more categories, use ',' (comma) as delimiter. Defaults to all categories.
  -cats                 Show all categories on file, use with or without -file.
  -count <count>        How many websites are searched per query. Google has a maximum length for queries.
  -engine <engine>      Search with 'google', 'baidu', 'bing', 'brave', 'bing-ecosia', 'duckduckgo' 'yahoo' or 'yandex', defaults to 'google'.
  -file <file>          Enter a custom website list.
  -filter <string>      Only query for sites with this string.
  -query <query>        Enter a mandatory search term.
  -site <on|off|inurl>  Turn the 'site:' operator 'on' or 'off', or replace it with 'inurl:' (only for Google), defaults to 'on'.
  -excl <domains>       Excluded these domains from the search query.
  -echo                 Prints the search query URLs, for further use like piping or bookmarking.
  -ubb                  Updates bug bounty files (in en out scope) and exits. Uses bbrecon.
  -wait <seconds>       Wait x seconds, defaults to 7 seconds.

Examples

Small warning here: if you don't use -cat SiteDorks will open a lot of tabs in your browser and probably will make Google throw you a CAPTCHA. Increase waiting time with option '-wait' to decrease the chance of getting a CAPTCHA.

Want to look for "uber.com" with different sites containing all kinds of content using Google? Use the following command:

sitedorks -query '"uber.com"'

Want to look for "uber website" (with quotes and spaces in the query)? Use the following command:

sitedorks -query '"uber website"'

Want to search for communication invites with Yandex but leave site: out of the query? Just use the following command:

sitedorks -cat comm -site disable -engine yandex -query uber

And if you want to see which categories are on file, for example with the hackerone platform:

sitedorks -file sitedorks-bbrecon.csv -cats

If you want to download/update the bug bounty files, you can use the -ubb parameter (it uses bbrecon):

sitedorks -ubb

The -ubb argument creates two files: sitedorks-bbrecon-inscope.csv and sitedorks-bbrecon-outscope.csv. Use the following command for finding exploitable systems or juicy info (always check if a system is in scope, although these these domains are in scope, it doesn't always mean that this subdomain or system is):

sitedorks -file sitedorks-bbrecon-inscope.csv -cat somevdp -query "exploitable systems/juicy info"

Use this command for finding juicy info only, because these domains are out of scope:

sitedorks -file sitedorks-bbrecon-outscope.csv -cat somevdp -query "juicy info"

For searching in Dutch (para)medical websites, use the following command:

sitedorks -cat medi -file sitedorks-nl.csv -query somekeyword

Google Dorks

Don't know what to look for? Try:

Contribute?

Do you have some usefull additions to SiteDorks script or to the list of dorkable websites:

  • PR's Welcome
  • Twitter

More Repositories

1

flipperzero

This repo contains my own Ducky/BadUSB scripts, related PowerShell scripts and other Flipper Zero related stuff.
PowerShell
270
star
2

wwwordlist

Wwwordlist is a wordlist generator for pentesters and bug bounty hunters. It extracts words from HTML, URLs, JS/HTTP/input variables, quoted texts in the text and mail files in order to generate wordlists.
Python
99
star
3

grepaddr

Use grepaddr to extract (grep) all kinds of addresses from stdin like URLs (incl. IPv4/IPv6), IP addresses & ranges (IPv4/IPv6), e-mail addresses, MAC addresses.
Python
60
star
4

GoogleZorks

Google search queries for searching some kind of information about interesting stuff (OSINT)
Batchfile
9
star
5

1pfuscat0r

A tool to automatically generate alternative IP representations, a rewritten version of IPFuscator
Python
8
star
6

Wappaligner

Changes the output of Wappalyzer into something human readable. It also provides links to useful websites and a Google query for finding information on vulnerabilities.
Python
8
star
7

2cmd

Got a command that doesn't support input files like whois or sqlmap? Use 2cmd to take input from stdin and run each line with the command(s) given in the script file. Comes with lot's of pentest/red teaming/bug bounty/CTF scripts ready to use
Roff
7
star
8

rssfeeds

My personal security feeds divided into pentest feeds and other security feeds
6
star
9

2ulb

Easy shortcut to make scripts executable and link them from /usr/local/bin
Python
5
star
10

uniqurl

Use uniqurl to filter only unique content from a list of URLs with stdin, making it usable within piped commands
Python
5
star
11

WinIPFinder

Tries to find IP addresses from within Windows, useful when engaged in an on-prem pentest / red teaming exercise.
Batchfile
4
star
12

s3-bulk-cp

Copy all files found from AWS S3 bucket to local
Shell
4
star
13

hardening_guides

A gathered list of hardening guides
3
star
14

Nmap

Scripts around Nmap and plugins for Nmap
Batchfile
3
star
15

clio

Different tools that take input from stdin, does some stuff and give output stdout, making them perfect for use in pided commands
Python
3
star
16

Dangerous-Windows-Commands

This is a list of built-in Windows executables that are potentially dangerous an could be use by malware or another type of attacker.
3
star
17

kali-additions

My personal additions to Kali Linux
Shell
2
star
18

.KaliConfig

A script which install all scripts I want with a fresh Kali
Shell
2
star
19

hlt

Handy Linux Tools
Shell
2
star
20

useshttp

Takes host names as input (ports and HTTP status code are optional) and outputs the base URL if a GET request is successful, making it usable in piped commands.
Python
1
star
21

resolves

Takes host names as input and output the host name if it resolves, making it usable in piped commands.
Python
1
star
22

ZecList

Some lists I created / gathered and put together / improved
1
star
23

local_connectivity_check

Routes connectivity checks to pi-hole
Shell
1
star
24

splitfqdn

Split an FQDN in parts and rearrange its parts
Python
1
star
25

reusables

Predominantly contains functions that can be reused.
Python
1
star
26

WebCapper

Uitilizes subfinder and cutycapt to retrieve a list of hostnames and create a screenshot if a websites exists @ 80 or 443/TCP
Python
1
star
27

GetPdfAuthors

Download al files from a website and extract all authors from the PDF files
Shell
1
star
28

urldecode

Take a string from stdin a performs an urldecode x times
1
star
29

whoami-gui

AutoIt
1
star
30

urlcoding

Short script to encode or decode input from standard input
Python
1
star
31

mailgen

Use mailgen to generate bogus e-mail addresses.
Python
1
star
32

Linux-Fixes

When I stumbe across an issues, which I manage to fix, I'll add a solution. A big warning: DON'T JUST EXECUTE THESE SCRIPTS IF YOU DON'T KNOW WAT YOU'RE DOING, IT MIGHT BREAK STUFF!!!
Shell
1
star