• Stars
    star
    1,330
  • Rank 35,335 (Top 0.7 %)
  • Language
    Shell
  • License
    GNU General Publi...
  • Created over 2 years ago
  • Updated 7 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).


GooFuzz - The Power of Google Dorks


Credits

Author: M3n0sD0n4ld
Twitter: @David_Uton

Description:

GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server.

Download and install:

$ git clone https://github.com/m3n0sd0n4ld/GooFuzz.git
$ cd GooFuzz
$ chmod +x GooFuzz
$ ./GooFuzz -h

Use:

Menu

> ./GooFuzz -h
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*                                                       *
* David Utón (@David_Uton)                              *
*********************************************************

Usage:
        -h                                Display this help message.
        -w <DICTIONARY>        Specify a DICTIONARY, PATHS or FILES.
        -e <EXTENSION>           Specify comma-separated extensions.
        -t <TARGET>                  Specify a DOMAIN or IP Address.
        -p <PAGES>                      Specify the number of PAGES.
        -x <EXCLUSIONS>                EXCLUDES targets in searches.
        -d <DELAY>                Delay in seconds between requests.
        -s                 Lists subdomains of the specified domain.
        -c <TEXT> Specify relevant content in comma-separated files.
        -o <FILENAME>   Export the results to a file (results only).
           
Examples:
        GooFuzz -t site.com -e pdf,doc,bak
        GooFuzz -t site.com -e pdf -p 2
        GooFuzz -t www.site.com -e extensionslist.txt
        GooFuzz -t www.site.com -w config.php,admin,/images/
        GooFuzz -t site.com -w wp-admin -p 1
        GooFuzz -t site.com -w wordlist.txt
        GooFuzz -t site.com -w login.html -x dev.site.com
        GooFuzz -t site.com -w admin.html -x exclusion_list.txt
        GooFuzz -t site.com -s -p 10 -d 5 -o GooFuzz-subdomains.txt
        GooFuzz -t site.com -c P@ssw0rd!

Lists files by extensions separated by commas.

> ./GooFuzz -t nasa.gov -e pdf,bak,old -d 10
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov

===================================================================
Extension: pdf
===================================================================

https://history.nasa.gov/alsj/a11/A11_PressKit.pdf
https://history.nasa.gov/alsj/a13/A13_PressKit.pdf
https://history.nasa.gov/alsj/a14/A14_PressKit.pdf
https://history.nasa.gov/alsj/a15/A15_PressKit.pdf
https://history.nasa.gov/alsj/a410/A07_PressKit.pdf
https://history.nasa.gov/alsj/a410/A09_PressKit.pdf
https://history.nasa.gov/monograph15.pdf
https://www.hq.nasa.gov/alsj/LLRV_Monograph.pdf

===================================================================
Extension: bak
===================================================================

https://bocachica.arc.nasa.gov/ATTREX_2013/rh/rh_omega_oct3.html.bak
https://bocachica.arc.nasa.gov/ATTREX_2013/rh/rh_omega_sep30.html.bak
https://bocachica.arc.nasa.gov/ATTREX_2014/attrex2014_satmap.html.bak
https://bocachica.arc.nasa.gov/ATTREX_2014/schom/schomfigures_20140126.html.bak
https://bocachica.arc.nasa.gov/ATTREX_2014/schom/schomfigures_20140226.html.bak
https://bocachica.arc.nasa.gov/ATTREX_2014/trajfigures/trajfigures.html.bak
https://bocachica.arc.nasa.gov/POSIDON/posidon.html.bak
https://hesperia.gsfc.nasa.gov/hessi/solar_install/installation.bak
https://ndeaa.jpl.nasa.gov/nasa-nde/outreach/outreach.html.bak
https://ndeaa.jpl.nasa.gov/nasa-nde/yosi/yosi.htm.bak

===================================================================
Extension: old
===================================================================

https://bocachica.arc.nasa.gov/HAVE/nmc_rh_omega_plots.html.old
https://echo.jpl.nasa.gov/asteroids/1988TA/1988TA_planning.html.old
https://echo.jpl.nasa.gov/asteroids/1998QE2/1998QE2_planning.html.old
https://echo.jpl.nasa.gov/asteroids/2014JO25/2014JO25_planning.html.old
https://echo.jpl.nasa.gov/asteroids/goldstone_asteroid_schedule.html.old
https://fits.gsfc.nasa.gov/users_guide/users_guide.ps.old
https://image.msfc.nasa.gov/ChrisDocs/UDFInstall/uLibInstall.old
https://seawifs.gsfc.nasa.gov/OCEAN_PLANET/HTML/titanic.html.old
https://umbra.nascom.nasa.gov/soho/hga_history.html.old
https://www.nasa.gov/index.html.old

Lists files by extensions contained in a txt file.

> ./GooFuzz -t nasa.gov -e wordlists/extensions.txt -d 30
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov
Total requests: 4

===================================================================
Extension: pdf
===================================================================

https://history.nasa.gov/alsj/a11/A11_PressKit.pdf
https://history.nasa.gov/alsj/a13/A13_PressKit.pdf
https://history.nasa.gov/alsj/a14/A14_PressKit.pdf
https://history.nasa.gov/alsj/a15/A15_PressKit.pdf
https://history.nasa.gov/alsj/a410/A09_PressKit.pdf
https://oig.nasa.gov/NASA2011MajorChallenges.pdf
https://solarsystem.nasa.gov/stardust/aerogel_factsheet.pdf
https://www.hq.nasa.gov/alsj/LLRV_Monograph.pdf

===================================================================
Extension: xls
===================================================================

https://oig.nasa.gov/NASA_OIG_FY2013_Recovery_Act_Work_Plan.xls
https://www.nasa.gov/xls/163559main_LunarExplorationObjectives.xls
https://www.nasa.gov/xls/209970main_acr_section_c_icac_redacted_final_rev8_fixed.xls
https://www.nasa.gov/xls/220716main_Ch2_6TV.xls
https://www.nasa.gov/xls/279268main_Bird_Strikes.xls
https://www.nasa.gov/xls/279283main_Collided_Nearly_Collided_With_Another_Aircraft_While_Both_on_Ground.xls
https://www.nasa.gov/xls/279298main_Flight_Operations_Quality_Assurance_Program.xls
https://www.nasa.gov/xls/279309main_Location_Aircraft_Unrequested_Clearance_Change.xls
https://www.nasa.gov/xls/279532main_Runway_Taxiway_Excursions.xls
https://www.nasa.gov/xls/279539main_Takeoffs_With_Out_of_Limit_Center_of_Gravity.xls

===================================================================
Extension: doc
===================================================================

https://cce.nasa.gov/te2010_ab_presentations/Breakout_report.doc
https://hdrl.gsfc.nasa.gov/LWS_Data_System_Final.doc
https://pumas.nasa.gov/files/01_06_14_1.doc
https://www.nasa.gov/279987main_0929MT.DOC
https://www.nasa.gov/88878main_C_PDP03.DOC
https://www.nasa.gov/doc/311200main_SELDP_Guideline_Rev_01262009.doc
https://www.nasa.gov/doc/378831main_Huntsville_Transcript_part5.doc

===================================================================
Extension: txt
===================================================================

https://aeronet.gsfc.nasa.gov/aeronet_locations.txt
https://atmcorr.gsfc.nasa.gov/actual_holdings.txt
https://fits.gsfc.nasa.gov/rfc4047.txt
https://leonid.arc.nasa.gov/02comment66.txt
https://leonid.arc.nasa.gov/99comment10.txt
https://leonid.arc.nasa.gov/comment36.txt
https://www.nasa.gov/190381main_Feldman-transcript.txt
https://www.nasa.gov/366950main_1.txt
https://www.nasa.gov/378571main_0728NASAMeeting.txt
https://www.nasa.gov/382774main_081209_DC_Transcript.txt

List files, directories and even parameters by means of a wordlist (it is recommended to use only very small files).

./GooFuzz -t nasa.gov -w wordlists/words-100.txt -p 3
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov

===================================================================
Directories and files found from: wordlists/words-100.txt
===================================================================

https://aeronet.gsfc.nasa.gov/cgi-bin/bamgomas_interactive
https://aeronet.gsfc.nasa.gov/cgi-bin/draw_map_display_aod_v3
https://aeronet.gsfc.nasa.gov/cgi-bin/webtool_aod_v3
https://cdaweb.gsfc.nasa.gov/cgi-bin/eval2.cgi
https://heasarc.gsfc.nasa.gov/cgi-bin/tess/webtess/wtv.py
https://heasarc.gsfc.nasa.gov/cgi-bin/Tools/convcoord/convcoord.pl
https://heasarc.gsfc.nasa.gov/cgi-bin/Tools/w3nh/w3nh.pl
https://heasarc.gsfc.nasa.gov/cgi-bin/Tools/w3pimms/w3pimms.pl
https://heasarc.gsfc.nasa.gov/cgi-bin/Tools/xraybg...
https://heasarc.gsfc.nasa.gov/cgi-bin/Tools/xraybg/xraybg.pl
https://heasarc.gsfc.nasa.gov/cgi-bin/W3Browse/swift.pl
https://heasarc.gsfc.nasa.gov/cgi-bin/W3Browse/w3browse.pl
https://heasarc.gsfc.nasa.gov/cgi-bin/W3Browse/w3catindex.pl
https://landweb.modaps.eosdis.nasa.gov/cgi-bin/QA_WWW/qaFlagPage.cgi?sat
https://landweb.modaps.eosdis.nasa.gov/cgi-bin/QA_WWW/qaFlagPage.cgi?sat=terra
https://landweb.modaps.eosdis.nasa.gov/cgi-bin/QA_WWW/qaFlagPage.cgi?sat=terra%26ver=C6
https://sscweb.gsfc.nasa.gov/cgi-bin/Locator.cgi
https://stereo.gsfc.nasa.gov/cgi-bin/images
https://stereo-ssc.nascom.nasa.gov/cgi-bin/images
https://svs.gsfc.nasa.gov/cgi-bin/details.cgi?aid
https://svs.gsfc.nasa.gov/cgi-bin/details.cgi?aid=4285
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=10G004
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=11G020
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=11G032
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=12G008
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=12G028
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=13G019
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=14G009
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=19G014
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=20G024
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=22G012
https://uavsar.jpl.nasa.gov/cgi-bin/data.pl?search=9G023

Lists directories and files by specifying paths, words or file names.

> ./GooFuzz -t nasa.gov -w /login/,password,db.html -p 3
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov

===================================================================
Directories and files found from: /login/,password,db.html
===================================================================

https://femci.gsfc.nasa.gov/random/dB.html
https://heasarc.gsfc.nasa.gov/ark/forgot/password.html
https://osdr.nasa.gov/bio/submission-sso-login.html
https://osdr.nasa.gov/bio/workspace-sso-login.html
https://pubs.giss.nasa.gov/authors/db.html
https://wwwastro.msfc.nasa.gov/qdp/lextrct/db.html
https://www-mipl.jpl.nasa.gov/vicar/core460/html/javadoc/index.html?jpl/mipl/jujube/servlet/Login.html
https://www-mipl.jpl.nasa.gov/vicar/core460/html/javadoc/index.html?jpl/mipl/mdms/FileService/komodo/services/query/server/Login.html
https://www-mipl.jpl.nasa.gov/vicar/core460/html/javadoc/jpl/mipl/mdms/FileService/komodo/services/query/server/Login.html
https://www-mipl.jpl.nasa.gov/vicar/core470/html/javadoc/index.html?jpl/mipl/jujube/servlet/Login.html
https://www-mipl.jpl.nasa.gov/vicar/core470/html/javadoc/index.html?jpl/mipl/mdms/FileService/komodo/services/query/server/Login.html
https://www-mipl.jpl.nasa.gov/vicar/core470/html/javadoc/jpl/mipl/jujube/servlet/Login.html
https://www-mipl.jpl.nasa.gov/vicar/core470/html/javadoc/jpl/mipl/mdms/FileService/komodo/services/query/server/Login.html

Exclusion of subdomains in your searches (separated by commas or by a list)

Example 1:

In this example we remove the subdomain "wiki.earthdata.nasa.gov" from the search.

> ./GooFuzz -t nasa.gov -w login -p 1
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov

===================================================================
Directories and files found from: login
===================================================================

https://daac.gsfc.nasa.gov/login
https://disc.gsfc.nasa.gov/earthdata-login
https://disc.gsfc.nasa.gov/images/login1.png
https://disc.gsfc.nasa.gov/images/login4.png
https://disc.gsfc.nasa.gov/images/login5.png
https://disc.gsfc.nasa.gov/images/login6.png
https://invention.nasa.gov/prog/login
https://kauai.ccmc.gsfc.nasa.gov/DONKI/login
https://ladsweb.modaps.eosdis.nasa.gov/oauth/login
https://software.nasa.gov/login
https://stemgateway.nasa.gov/public/s/login/
https://technology.nasa.gov/login
https://wiki.earthdata.nasa.gov/display/EL/How
https://wiki.earthdata.nasa.gov/download/attachments/109874707/home _register.png?version
https://wiki.earthdata.nasa.gov/download/attachments/109874707/registration2.png?version
https://wiki.earthdata.nasa.gov/login.action
https://www.earthdata.nasa.gov/eosdis/science-system-description/eosdis-components/earthdata-login
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_1.jpg
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_2.jpg
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_4.jpg
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_5.jpg
https://www.jpl.nasa.gov/site/NSET/accounts/login/
                                                                                                                                         
> ./GooFuzz -t nasa.gov -w login -p 1 -x wiki.earthdata.nasa.gov
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov

===================================================================
Directories and files found from: login
===================================================================

https://daac.gsfc.nasa.gov/login
https://disc.gsfc.nasa.gov/earthdata-login
https://disc.gsfc.nasa.gov/images/login1.png
https://disc.gsfc.nasa.gov/images/login4.png
https://disc.gsfc.nasa.gov/images/login5.png
https://disc.gsfc.nasa.gov/images/login6.png
https://invention.nasa.gov/assets/images/banner-meatball.png
https://invention.nasa.gov/prog/login
https://ladsweb.modaps.eosdis.nasa.gov/login
https://ladsweb.modaps.eosdis.nasa.gov/oauth/login
https://software.nasa.gov/login
https://stemgateway.nasa.gov/public/s/login/
https://technology.nasa.gov/login
https://www.earthdata.nasa.gov/eosdis/science-system-description/eosdis-components/earthdata-login
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_1.jpg
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_2.jpg
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_3.jpg
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_4.jpg
https://www.earthdata.nasa.gov/sites/default/files/imported/EDL_5.jpg

Example 2:

Using the previous example, we create a file called "exclusion_list.txt" and insert the three subdomains to exclude, we perform the same search again, but passing the list of excluded targets.

> cat exclusion-list.txt
daac.gsfc.nasa.gov
invention.nasa.gov
software.nasa.gov
                                                                                                                                         
> ./GooFuzz -t nasa.gov -w login -p 1 -x exclusion-list.txt
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov

===================================================================
Directories and files found from: login
===================================================================

https://disc.gsfc.nasa.gov/earthdata-login
https://ladsweb.modaps.eosdis.nasa.gov/oauth/login
https://nightsky.jpl.nasa.gov/login.cfm
https://podaac-tools.jpl.nasa.gov/drive/login?action
https://podaac-tools.jpl.nasa.gov/drive/login?action=login
https://stemgateway.nasa.gov/public/s/login/
https://technology.nasa.gov/login
https://wiki.earthdata.nasa.gov/login.action
https://www.earthdata.nasa.gov/eosdis/science-system-description/eosdis-components/earthdata-login
https://www.jpl.nasa.gov/site/NSET/accounts/login/
https://www.sewp.nasa.gov/qrt/security/login.sa

Subdomains enumeration

The functionality to list subdomains (parameter "-s") and in conjunction with a number of between 10 and 20 pages (parameter "-p"), it is possible to obtain a large number of subdomains of the organization.

> ./GooFuzz -t nasa.gov -s -p 20
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov

===================================================================
Subdomains found:
===================================================================

http://go.nasa.gov
https://aeronet.gsfc.nasa.gov
https://airs.jpl.nasa.gov
https://api.nasa.gov
https://apod.nasa.gov
https://appel.nasa.gov
https://ares.jsc.nasa.gov
https://asterweb.jpl.nasa.gov
https://astrobiology.nasa.gov
https://blogs.nasa.gov
https://ceres.larc.nasa.gov
https://climatekids.nasa.gov
https://climate.nasa.gov
https://cneos.jpl.nasa.gov
https://data.nasa.gov
https://earthobservatory.nasa.gov
https://europa.nasa.gov
https://exoplanets.nasa.gov
https://eyes.nasa.gov
https://firms.modaps.eosdis.nasa.gov
https://go.nasa.gov
https://imagine.gsfc.nasa.gov
https://intern.nasa.gov
https://lambda.gsfc.nasa.gov
https://mars.nasa.gov
https://missionstem.nasa.gov
https://mms.gsfc.nasa.gov
https://modis.gsfc.nasa.gov
https://ntrs.nasa.gov
https://power.larc.nasa.gov
https://science.gsfc.nasa.gov
https://science.nasa.gov
https://sdo.gsfc.nasa.gov
https://search.earthdata.nasa.gov
https://smap.jpl.nasa.gov
https://software.nasa.gov
https://solarsystem.nasa.gov
https://spaceplace.nasa.gov
https://spotthestation.nasa.gov
https://swot.jpl.nasa.gov
https://terra.nasa.gov
https://webb.nasa.gov
https://worldview.earthdata.nasa.gov
https://worldwind.arc.nasa.gov
https://www1.grc.nasa.gov
https://www.earthdata.nasa.gov
https://www.giss.nasa.gov
https://www.jpl.nasa.gov
https://www.sewp.nasa.gov
https://www.sti.nasa.gov

Files found containing enumeration

The functionality to list files by their content (parameter "-c"), is very useful to identify relevant files (e.g. containing the word "password"), even if the word is in an image file (e.g. .png).

> ./GooFuzz -t nasa.gov -c password
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: nasa.gov

===================================================================
Files found containing: password
===================================================================

https://cdaweb.gsfc.nasa.gov/WebServices/REST/idl/api/idldoc-index.html
https://cdaweb.gsfc.nasa.gov/WebServices/REST/idl/public/idldoc-index.html
https://cloud1.arc.nasa.gov/sonex/pages/sonex_data_exchg.html
https://essp.larc.nasa.gov/EVM-3/pdf_files/N_PR_2200_002D_.pdf
https://heasarc.gsfc.nasa.gov/docs/software/ftools/fv/doc/fileSelection.html
https://hera.gsfc.nasa.gov/webHera/doc/webHera_1.fld/image004.png
https://hera.gsfc.nasa.gov/webHera/doc/webHera_1.fld/image029.png
https://hera.gsfc.nasa.gov/webHera/doc/webHera_1.fld/image068.png
https://hera.gsfc.nasa.gov/webHera/doc/webHera_1.html
https://modis-land.gsfc.nasa.gov/pdf/MODIS_C6_BA_User_Guide_1.0.pdf
https://nodis3.gsfc.nasa.gov/NPD_attachments/Purchase.pdf
https://nodis3.gsfc.nasa.gov/NPR_attachments/NRRS_1441.1.pdf
https://ntrs.nasa.gov/api/citations/19960050121/downloads/19960050121.pdf
https://procurement.ksc.nasa.gov/-/media/NPSC-SR/BiddersLibrary/DocumentLibrary/NRRS 14411 NASA Record Retention Schedules.ashx
https://science.nasa.gov/files/atoms/files/Published HPAC FRN May 5-6 Meeting
https://science.nasa.gov/files/atoms/files/Published HPAC FRN May 5-6 Meeting%5B1%5D.pdf
https://www-air.larc.nasa.gov/pub/PEMTROPICSB/MODELING/KRISHNAMURTI.FSU/README.txt
https://www-mipl.jpl.nasa.gov/Dbms/dbi/html/MDMS__DBI__Password_8h.html
https://www-mipl.jpl.nasa.gov/Dbms/dbi/html/MDMS__DBI__Password_8h__incl.gif
https://www.nas.nasa.gov/hecc/support/kb/pdf-cat/157/
https://www.nccs.nasa.gov/images/Intel_MPI_Reference_Manual.pdf

Proof of concept with an image

Screenshot

Or even, search for a possible password in a pdf file:

> ./GooFuzz -t .com -c changeme -e pdf
*********************************************************
* GooFuzz 1.2.2 - The Power of Google Dorks             *
*********************************************************

Target: .com

===================================================================
Extension: pdf
Files found containing: changeme
===================================================================

https://docs.itrsgroup.com/docs/geneos/4.4.0/SSO Agent/Geneos SSO User Guide v1.0.0.pdf
https://docs.oracle.com/cd/B31589_01/gc3/pdf/integration/gc3datamanagement.pdf
https://docs.vmware.com/en/VMware-Smart-Assurance/10.1.5/sm-pub-smarts-security-config-guide-1015.pdf
https://qsupport.quantum.com/kb/flare/Content/QEKM/Downloads/6-01847-02_Q-EKM_UsersGuide.pdf
https://www.cisco.com/c/en/us/td/docs/net_mgmt/broadband_access_center/3-6/administration/guide/admbac36/chap_20.pdf
https://www.delltechnologies.com/asset/en-us/products/data-protection/technical-support/docu96471.pdf
https://www.delltechnologies.com/asset/en-us/products/data-protection/technical-support/docu97051.pdf
https://www.delltechnologies.com/content/dam/digitalassets/active/en/unauth/technical-guides-support-information/products/data-protection/docu97051.pdf
https://www.delltechnologies.com/content/dam/digitalassets/active/en/unauth/technical-guides-support-information/products/data-protection/docu97085.pdf

Proof of concept with an PDF file

Screenshot

Disclaimer

  • I am not responsible for the misuse of the tool.
  • Google Search has mechanisms to prevent abusive use or detection of suspicious activity. If at any time the tool does not show results, Google has temporarily blocked you (e.g. Captcha).
  • All the information obtained is public and through Google results.
  • Logically, the searches are in Google, so it leaves no evidence in the logs of the target's server.
  • And very important, if you see a file, directory, subdomain, etc... Indexed in Google, does not mean that it still exists on the server (or it does ;)).

Useful?

If you like the tool, find it useful in your work, Bug Bounty or as a hobby, you could help me like this:

  • Tell your friends and co-workers about it.
  • Contribute new ideas or help me to improve it by correcting bugs from here.
  • How? Do you want to buy me a coffee? Thank you very much!