OSINT Tool: GoogleDorker

Reading Time: 3 Minutes

GoogleDorker

GoogleDorker, developed by RevoltSecurities, is a tool tailored for bug hunters and penetration testers, enabling efficient Google Dorking. It allows users to perform advanced, targeted searches to gather critical information about their targets. By leveraging Google’s APIs, GoogleDorker simplifies comprehensive reconnaissance and enhances the effectiveness of vulnerability assessments for cybersecurity professionals.

Features

• Asynchronous Google Dorking: Perform advanced and efficient searches using Google Dorks with high performance, powered by asynchronous processing.
• Bug Hunting and Reconnaissance: Discover valuable intelligence, potential vulnerabilities, and misconfigurations during ethical hacking and penetration testing.
• Real-Time Progress Tracking: Keep track of task progression with live updates for smooth operation.
• Cross-Platform Compatibility: Fully compatible with all major operating systems, requiring no additional dependencies.
• Customizable Search Queries: Fine-tune Google Dorks for targeted searches and precise results.

Usage

dorker -h

       __                   __
  ____/ /  ____    _____   / /__  ___    _____
 / __  /  / __ \  / ___/  / //_/ / _ \  / ___/
/ /_/ /  / /_/ / / /     / ,<   /  __/ / /
\__,_/   \____/ /_/     /_/|_|  \___/ /_/


                    - RevoltSecurities



[DESCRIPTION]: GoogleDorker - Unleash the power of Google dorking for ethical hackers with custom search precision.

[USAGE]:

    dorker [flags]

[FLAGS]:

    [INPUT]:

        -q,  --query                    :  single dorking query for Dorker to search
        -l,  --list                     :  filename that contains list of dorks with target name
        stdin/stdout                    :  Dorker now supports stdin/stdout for reading dorks

    [OUTPUT]:

        -o,   --output                  :  filename to save the outputs.

    [Rate-Limits]:

        -t,    --threads                : set the concurrency level for dorking (default 20)

    [OPTIMIZATION]:

        -t,   --timeout                 :  timeout value for every sources requests (default: 15).
        -d,   --delay                   :  specify a delay value between each requests (default: 1)

    [UPDATE]:

        -up,   --update                 :  updates Dorker tool to latest version (info: requires pip to be insalled).

    [CONFIG]:

        -px,  --proxy                   :  http proxy to use with Dorker's each request
        -cp,  --config-path             :  custom path of config file for Dorker to read api keys (default path: $HOME.config/dorker/provider-config.yaml).

    [DEBUG]:

        -h,   --help                    :  displays this help message and exits
        -s,   --silent                  :  disables showing banner and version of Dorker
        -v,   --verbose                 :  enable to increase the verbosity of the Dorker

Installation

PIP:

pip install git+https://github.com/RevoltSecurities/GoogleDorker --break-system-packages

PIPX:

pipx install git+https://github.com/RevoltSecurities/GoogleDorker

Configuration

To configure GoogleDorker, you need to provide your Google API keys and Search Engine IDs in a configuration file. By default, the tool automatically loads the configuration file from:

$HOME/.config/dorker/provider-config.yaml

You can specify a custom configuration file path using the -cp or –config-path flag.

google: [
    key1:cxid,
    key2:cxid,
    key3:cxid,
    key4:cxid,
    key5:cxid
]

Format 2 (Key-Value Pairs):

google:
  - key1:cxid
  - key2:cxid
  - key3:cxid
  - key4:cxid
  - key5:cxid

Custom Path for Configuration

If you want to load a configuration file from a custom location, use the -cp or –config-path flag as shown below:

dorker -cp /path/to/your/custom-config.yaml

This flexibility allows you to manage multiple configurations for different projects or environments efficiently.

How to Get API Keys and CSE-ID? Follow These Steps:

Configuring GoogleDorker requires Google API keys and a Custom Search Engine ID (CSE-ID). Below is a step-by-step guide to obtaining and setting them up:

Ensure you’re logged into your Google account in your browser before proceeding.

1. Visit the Programmable Search Engine.
2. Create a new search engine and choose the Search the entire web option, as shown below:

Once your search engine is successfully created:

1. Navigate to your search engine settings.
2. Copy the cx value (CSE-ID).
3. Add this value to your configuration YAML file under the Google-CSE-ID field, following the syntax provided.

1. Go to the Google Custom Search API.
2. Click on the Get Key button.
3. Create a new project with any name and proceed to the next step.
   Example of creating a project:

Once the API key is generated:

1. Click Show Key to reveal it.
2. Copy the API key and add it to your configuration YAML file under the Google-API field.

To maximize dorking efficiency:

• Repeat Step 4 to generate multiple API keys (recommended: at least 10).
• Each API key allows approximately 100 queries, so having multiple keys increases your query capacity.

Below is an example of how your configuration file should look:

google:
  - key1: cxid
  - key2: cxid
  - key3: cxid
  - key4: cxid
  - key5: cxid
  - key6: cxid
  - key7: cxid
  - key8: cxid
  - key9: cxid
  - key10: cxid

Once you’ve completed the configuration, you’re ready to use GoogleDorker.

Running Dorker

Pass a Single Query

You can pass queries using stdin by piping input into GoogleDorker.

Example:

echo "site:example.com inurl:admin" | dorker

For multiple queries:

echo -e "site:example.com inurl:admin\nsite:example.com inurl:login" | dorker

Summary of Flags for Query Input:

• -q, –query: Pass a single query string.
• -l, –list: Provide a file with a list of queries.
• stdin: Pipe input directly to GoogleDorker for dynamic queries.

Clone the repo from here: GitHub Link