A Python tool to automate some dorking stuff to find information disclosures.

Overview


webdork
WebDork v1.0.3

A open-source tool to find publicly available sensitive information about Companies/Organisations!

WebDork

A Python tool to automate some dorking stuff to find information disclosures. Suggestions and issues are welcome because I know codes can never be perfect.

Note:

As a user of this tool you agree this terms:

I will not use it for any blackhat/unethical work
I will not disclose any information found by this tool

Not all results found by this tool are sensitive information. If you find any information using this tool you must verify it by yourself and check whether the information can really cause any major/minor harm to A company.

Example finds:

  • Backend related information.
  • Company's/Orgnisation's future/internal plans/mindmaps.
  • Internal tools.

Compatibility

Check your Python version by typing in

$ python --version

If you get the following

Python 3.9.0

or any version greater than or equal to 3.9, this script has been tested and confirmed to be supported.

Installation

For termux

pkg install git -y 
pkg install python -y 
git clone https://github.com/HACKE-RC/webdork
cd webdork
python termux-setup.py

For iSH

apk add git
apk add python3
apk add py3-pip
git clone https://github.com/HACKE-RC/webdork
cd webdork
python setup.py

For Debian-based GNU/Linux distributions

git clone https://github.com/HACKE-RC/webdork
cd webdork
sudo python3 setup.py

Usage:

Help menu of the tool

webdork -h
usage: main.py [-h] -cn Company name [-bw] [--show] [-o Output] [-v] [-s] [--no-save-output]

A python tool to automatically dork on a given company\'s name.

optional arguments:
  -h, --help            show this help message and exit
  -cn Company name, --company-name Company name
                        Name of the company
  -bw, --browser        Search the dorks in browser.
  --show                Print results from the dorks.
  -o Output             Output filename(default is dorkresults.txt).
  -v, --verbose         Turn verbose mode on.
  -s, --silent          Just save the results without printing anything.
  --no-save-output      Don\'t save the output in file.

Example usage:

webdork -cn Hackerone -bw --show -v -o output.txt

Arguments :

  • Company/Organisation name to search for : -cn
  • Open the dorks in browser : -bw, --browser
  • Show dork results in terminal : --show
  • Output filename : -o
  • Better output : -v, --verbose
  • Directly save the results without printing anything : -s, --silent
  • Do not save the result in any file : --no-save-output

Shoutout :

If you like my work consider contacting me on Twitter @coder_rc for donation related information.

Demonstrative Video:

Made with so much debugging by RC

Owner
Rahul rc
Just a kid who loves to hack and code.
Rahul rc
Übersicht remote command execution 0day exploit

Übersicht RCE 0day Unauthenticated remote command execution 0day exploit for Übersicht. Description Übersicht is a desktop widget application for m

BoofGang 10 Dec 21, 2021
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202

Evi1cg 500 Jan 06, 2023
Multi-Process Vulnerability Tool

Multi-Process Vulnerability Tool

Baris Dincer 1 Dec 22, 2021
An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic lights, Refridgerators, Smart TVs etc.

An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic

Richard Mwewa 48 Nov 20, 2022
Visibility and Mitigation for Log4J vulnerabilities

Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux

SentinelLabs 15 May 21, 2022
#whois it? Let's find out!

whois_bot #whois it? Let's find out! Currently in development: a gatekeeper bot for a community (https://t.me/IT_antalya) of 250+ expat IT pros of Ant

Kirill Nikolaev 14 Jun 24, 2022
Fast python tool to test apache path traversal CVE-2021-41773 in a List of url

CVE-2021-41773 Fast python tool to test apache path traversal CVE-2021-41773 in a List of url Usage :- create a live urls file and use the flag "-l" p

Zahir Tariq 12 Nov 09, 2022
This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device

f5-waf-enforce-sigs-CVE-2021-44228 This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device Overview This script enforce

Ismael Gonçalves 5 Mar 31, 2022
FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

FOSSLight Scanner Analyze at once for Open Source Compliance. FOSSLight Scanner performs open source analysis after downloading the source by passing

FOSSLight 8 Nov 03, 2022
Undetectable Keylogger that reports to Discord

FUD Keylogger That Reports To Discord This python script will capture all of the keystrokes within a given time frame and report them to a Discord Ser

Dimitris Kalopisis 36 Dec 20, 2022
These are Simple python scripts to test/scan your network

Disclaimer This tool is for Educational purpose only. We do not promote or encourage any illegal activities. Summary These are Simple python scripts t

Varun Jagtap 5 Oct 08, 2022
pybotnet - A Python Library for building Botnet , Trojan or BackDoor for windows and linux with Telegram control panel

pybotnet A Python Library for building botnet , trojan or backdoor for windows and linux with Telegram control panel Disclaimer: Please note that this

</oNion 181 Jan 02, 2023
BloodyAD is an Active Directory Privilege Escalation Framework

BloodyAD Framework BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combi

757 Jan 07, 2023
Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc

Pushpender Singh 35 Dec 12, 2022
A Modified version of TCC's Osprey poc framework......

fierce-fish fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写,去掉臃肿功能的精简版本poc框架 PS:真的用不惯其它臃肿的功能,不过作为一个收集漏洞poc && exp的框架还是非常不错的!!! osprey For beginners fr

lUc1f3r11 10 Dec 30, 2022
CVE-2022-22536 - SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536

CVE-2022-22536 SAP memory pipes desynchronization vulnerability(MPI) CVE-2022-22

antx 49 Nov 09, 2022
Scan your logs for CVE-2021-44228 related activity and report the attackers

jndiRep - CVE-2021-44228 Basically a bad grep on even worse drugs. search for malicious strings decode payloads print results to stdout or file report

js-on 2 Nov 24, 2022
宝塔面板Windows版提权方法

宝塔面板Windows提权方法 本项目整理一些宝塔特性,可以在无漏洞的情况下利用这些特性来增加提权的机会。

298 Dec 14, 2022
This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to

Ajit Kumar 3 Sep 03, 2022
Python Library For Ethical Hacker

Python Library For Ethical Hacker

11 Nov 03, 2022