Skip to content
/ ghdb Public

Web dorking by Google Hacking Database Issue [Exploit-DB]

License

MIT license
1 star 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

RAVIPRAJ/ghdb

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ghdb.py
ghdb.py
 
 
requirements.txt
requirements.txt
 
 
sqli.py
sqli.py
 
 
sqli.txt
sqli.txt
 
 

Repository files navigation

GHDB ICON

Intermezzo

A few moments ago I was mentored by Digit Oktavianto about Cyber Threat Methods, on that opportunity I was told about Google Dorking. He inspired me to create a tools that can automatically check web vulnerabilities by leveraging the Google Hacking Database from Exploit-DB. This tools also can be used as early warning system for system security based on update information from Google Hacking Database [Exploid-DB]. Once again I am very grateful about sharing experiences together.

Tools preview:

After processing using Elastic and Kibana

Methods

The techniques used in this tool are as follows:

  • Crawling Google Hacking Database from Exploit-DB
  • Using crawling results and combines with the target domain to become a search keyword
  • Crawling Google Result based on keyword using Barbarossa
  • Display results on screen or save to file

Requirements

  • Python > 3.6
  • I try this tools in Windows OS.

Installation

1.Clone and Install Requirements

git clone https://github.com/nalonal/ghdb.git
cd ghdb
pip install -r requirements.txt

2.Running Script to Create Cookie.txt File

Run the python script

python ghdb.py

create token file

3.Copy Facebook Developer Tools Token to Cookie.txt

open Facebook Developers Tools in browser and press Ctrl+i or Ctrl+Shift+i enter image description here Open file cookie.txt and paste Facebook Developers Tools Cookie to string text paste_here_without_enter

4.Create ghbdb.txt Database and Update Google Hacking Database from Exploit

Run again python script

python ghdb.py

After update cookie success then system will update GHDB and produce ghdb.txt it will take about 1-2 minute enter image description here

5.Running File

5.1 Running GHDB Dorking

Running help

python ghdb.py -h

Running GHDB but just print screen the result

ghdb.py -d <domain or list domain separate using ',' or you can use file with .txt extension>
example: ghdb.py -d example.com
example: ghdb.py -d example1.com,example2.com
example: ghdb.py -d mylistdomain.txt

Running GHDB and save the result to file

ghdb.py -d <domain or list domain separate using ',' or you can use file with .txt extension> -o <outputfile>
example: ghdb.py -d example.com -o result.txt
example: ghdb.py -d example1.com,example2.com -o result.txt
example: ghdb.py -d mylistdomain.txt -o result.txt

5.2 Running SQLi Dorking

Running help

python sqli.py -h

Running GHDB but just print screen the result

sqli.py -d <domain or list domain separate using ',' or you can use file with .txt extension>
example: sqli.py -d example.com
example: sqli.py -d example1.com,example2.com
example: sqli.py -d mylistdomain.txt

Running GHDB and save the result to file

sqli.py -d <domain or list domain separate using ',' or you can use file with .txt extension> -o <outputfile>
example: sqli.py -d example.com -o result.txt
example: sqli.py -d example1.com,example2.com -o result.txt
example: sqli.py -d mylistdomain.txt -o result.txt

Disclaimer

This script is used as an early warning system based on updating information from the Google Hacking Database [Exploit-DB]. Please use it as wisely as possible

About

Web dorking by Google Hacking Database Issue [Exploit-DB]

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages