Need help with sitedorks?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

Zarcolio
194 Stars 43 Forks GNU General Public License v3.0 724 Commits 0 Opened issues

Description

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Services available

!
?

Need anything else?

Contributors list

No Data

About sitedorks

Search Google, Bing, Ecosia, Yahoo or Yandex for a search term with several websites. A default list is already provided, which contains Github, Gitlab, Surveymonkey, Trello etc etc. Currently, a default list of 361 dorkable websites is available. By default, the following categories are on file:

  • analysis(11)
  • cloud(47)
  • comm(38)
  • dev(58)
  • docs(44)
  • edu(6)
  • forms(12)
  • orgs(26)
  • other(6)
  • remote(1)
  • shortener(29)
  • social(74)
  • storage(9)

Why use sitedorks?

Why wouldn't you just enter dorks for several websites manually? Because: * It's really easy to query different search engines. * Dorks can be executed per 1 or more categories. * It's easy to create different input files for different uses. * Adding new websites to your search query can be arranged by just adding them to an input file. * It already has a lot of dorkable websites included. * The list with dorkable websites is updated regularly. * Some search engines ignore too many keywords/characters in a query and with argument -count it's easy to split your dork into more queries. * It contains a list for several bug bounty platforms. With 1 command you can search domains of programs on several bug bounty platforms :) * Because you want to help plant more trees using the search engine Ecosia (Bing based)

Install

Sitedorks should be able to run with a default Kali Linux installation using Python 3 without installing additional Python packages. Just run:

git clone https://github.com/Zarcolio/sitedorks
cd sitedorks
bash install.sh
If you're running into trouble running sitedorks, please drop me an issue and I'll try to fix it :)

Usage

usage: sitedorks [-h] [-cat ] [-cats] [-count ] [-engine ] [-file ]
[-query ] [-site ] [-excl ] [-echo]

Use your favorite search engine to search for a search term with different websites. Use single quotes around a query with double quotes. Be sure to enclose a query with single quotes it contains shell control characters like space, ';', '>', '|', etc.

optional arguments: -h, --help Show this help message, print categories on file (add -file to check other CSV file) and exit. -cat Choose from 1 or more categories, use ',' (comma) as delimiter. Defaults to all categories. -cats Show all categories on file, use with or without -file. -count How many websites are searched per query. Google has a maximum length for queries. -engine Search with 'google', 'baidu', 'bing', 'bing-ecosia', 'duckduckgo' 'yahoo' or 'yandex', defaults to 'google'. -file Enter a custom website list. -query Enter a mandatory search term. -site Turn the 'site:' operator 'on' or 'off', or replace it with 'inurl:' (only for Google), defaults to 'on'. -excl Excluded these domains from the search query. -echo Prints the search query URLs, for further use like piping or bookmarking. -ubb Updates bug bounty files (in en out scope) and exits. Uses bbrecon. -wait Wait x seconds, defaults to 5 seconds.

Examples

Small warning here: if you don't use -cat sitedorks will open a lot of tabs in your browser and probably will make Google throw you a CAPTCHA. Increase waiting time with option '-wait' to decrease the chance of getting a CAPTCHA.

Want to look for "uber.com" with different sites containing all kinds of content using Google? Use the following command:

sitedorks -query '"uber.com"'
Want to look for "uber website" (with quotes and spaces in the query)? Use the following command:
sitedorks -query '"uber website"'
Want to search for communication invites with Yandex but leave site: out of the query? Just use the following command:
sitedorks -cat comm -site disable -engine yandex -query uber
And if you want to see which categories are on file, for example with the hackerone platform:
sitedorks -file sitedorks-bbrecon.csv -cats
If you want to download/update the bug bounty files, you can use the -ubb parameter (it uses bbrecon):
sitedorks -ubb
The -ubb argument creates two files: sitedorks-bbrecon-inscope.csv and sitedorks-bbrecon-outscope.csv. Use the following command for finding exploitable systems or juicy info (always check if a system is in scope, although these these domains are in scope, it doesn't always mean that this subdomain or system is):
sitedorks -file sitedorks-bbrecon-inscope.csv -cat somevdp -query "exploitable systems/juicy info"
Use this command for finding juicy info only, because these domains are out of scope:
sitedorks -file sitedorks-bbrecon-outscope.csv -cat somevdp -query "juicy info"

Google Dorks

Don't know what to look for? Try: * https://twitter.com/hashtag/googledork%20OR%20%23googledorks * https://gbhackers.com/latest-google-dorks-list

Contribute?

Do you have some usefull additions to the script or to the list of dorkable websites, please send in a pull request to help make this script better or contact me @ Twitter :)

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.