GoogleDorker - Unleash the power of Google dorking for ethical hackers with custom search precision.
GoogleDorker is a powerful command-line tool tailored for bug hunters and penetration testers, enabling efficient Google Dorking. It allows users to perform advanced, targeted searches to gather critical information about their targets. By leveraging Google's APIs, GoogleDorker simplifies comprehensive reconnaissance and enhances the effectiveness of vulnerability assessments for cybersecurity professionals.
- Asynchronous Google Dorking: Perform advanced and efficient searches using Google Dorks with high performance, powered by asynchronous processing.
- Bug Hunting and Reconnaissance: Discover valuable intelligence, potential vulnerabilities, and misconfigurations during ethical hacking and penetration testing.
- Real-Time Progress Tracking: Keep track of task progression with live updates for smooth operation.
- Cross-Platform Compatibility: Fully compatible with all major operating systems, requiring no additional dependencies.
- Customizable Search Queries: Fine-tune Google Dorks for targeted searches and precise results.
dorker -h
__ __
____/ / ____ _____ / /__ ___ _____
/ __ / / __ \ / ___/ / //_/ / _ \ / ___/
/ /_/ / / /_/ / / / / ,< / __/ / /
\__,_/ \____/ /_/ /_/|_| \___/ /_/
- RevoltSecurities
[DESCRIPTION]: GoogleDorker - Unleash the power of Google dorking for ethical hackers with custom search precision.
[USAGE]:
dorker [flags]
[FLAGS]:
[INPUT]:
-q, --query : single dorking query for Dorker to search
-l, --list : filename that contains list of dorks with target name
stdin/stdout : Dorker now supports stdin/stdout for reading dorks
[OUTPUT]:
-o, --output : filename to save the outputs.
[Rate-Limits]:
-t, --threads : set the concurrency level for dorking (default 20)
[OPTIMIZATION]:
-t, --timeout : timeout value for every sources requests (default: 15).
-d, --delay : specify a delay value between each requests (default: 1)
[UPDATE]:
-up, --update : updates Dorker tool to latest version (info: requires pip to be insalled).
[CONFIG]:
-px, --proxy : http proxy to use with Dorker's each request
-cp, --config-path : custom path of config file for Dorker to read api keys (default path: $HOME.config/dorker/provider-config.yaml).
[DEBUG]:
-h, --help : displays this help message and exits
-s, --silent : disables showing banner and version of Dorker
-v, --verbose : enable to increase the verbosity of the Dorker
PIP:
pip install git+https://github.com/RevoltSecurities/GoogleDorker --break-system-packages
PIPX:
pipx install git+https://github.com/RevoltSecurities/GoogleDorker
To configure GoogleDorker, you need to provide your Google API keys and Search Engine IDs in a configuration file. By default, the tool automatically loads the configuration file from:
$HOME/.config/dorker/provider-config.yaml
You can specify a custom configuration file path using the -cp
or --config-path
flag.
Define the API keys and Search Engine IDs in one of the following formats:
google: [
key1:cxid,
key2:cxid,
key3:cxid,
key4:cxid,
key5:cxid
]
google:
- key1:cxid
- key2:cxid
- key3:cxid
- key4:cxid
- key5:cxid
If you want to load a configuration file from a custom location, use the -cp
or --config-path
flag as shown below:
dorker -cp /path/to/your/custom-config.yaml
This flexibility allows you to manage multiple configurations for different projects or environments efficiently.
Configuring GoogleDorker requires Google API keys and a Custom Search Engine ID (CSE-ID). Below is a step-by-step guide to obtaining and setting them up:
Ensure you're logged into your Google account in your browser before proceeding.
-
Visit the Programmable Search Engine.
-
Create a new search engine and choose the Search the entire web option, as shown below:
Once your search engine is successfully created:
- Navigate to your search engine settings.
- Copy the cx value (CSE-ID).
- Add this value to your configuration YAML file under the Google-CSE-ID field, following the syntax provided.
-
Go to the Google Custom Search API.
-
Click on the Get Key button.
-
Create a new project with any name and proceed to the next step.
Example of creating a project:
Once the API key is generated:
- Click Show Key to reveal it.
- Copy the API key and add it to your configuration YAML file under the Google-API field.
To maximize dorking efficiency:
- Repeat Step 4 to generate multiple API keys (recommended: at least 10).
- Each API key allows approximately 100 queries, so having multiple keys increases your query capacity.
Below is an example of how your configuration file should look:
google:
- key1: cxid
- key2: cxid
- key3: cxid
- key4: cxid
- key5: cxid
- key6: cxid
- key7: cxid
- key8: cxid
- key9: cxid
- key10: cxid
Once you've completed the configuration, you're ready to use GoogleDorker.
To pass a single query directly via the command line, use the -q
or --query
flag followed by the query string.
Example:
dorker -q "site:example.com inurl:admin"
Use the -l
or --list
flag followed by the path to a file containing multiple queries. Each line in the file should represent a separate query.
Example:
dorker -l queries.txt
You can pass queries using stdin by piping input into GoogleDorker.
Example:
echo "site:example.com inurl:admin" | dorker
For multiple queries:
echo -e "site:example.com inurl:admin\nsite:example.com inurl:login" | dorker
-q, --query
: Pass a single query string.-l, --list
: Provide a file with a list of queries.stdin
: Pipe input directly to GoogleDorker for dynamic queries.
Encountering any issues? Create a new issue in the GoogleDorker repository and describe the problem you’re facing. Your concerns will be addressed promptly to ensure smooth usage of the tool.
This tool is developed by RevoltSecurities. If you enjoy using GoogleDorker, don’t forget to explore more tools in our repository designed specifically for bug hunters and penetration testers.
Show your support by giving this project a ⭐ on GitHub! Your encouragement inspires us to create more innovative tools for the cybersecurity community.
Check out Subdominator for powerful subdomain enumeration and much more tools by us! Thank you to all our supporters!