Baron
Root
Yönetici
- Katılım
- 16 Şub 2024
- Mesajlar
- 8
- Tepkime puanı
- 0
Çevrimdışı
The fastest dork scanner written in Go.
There are also various search engines supported by go-dork, including Google, Shodan, Bing, Duck, Yahoo and Ask.
This will display help for the tool. Here are all the switches it supports.
Queries can also be input with stdin
This will do a search by the Bing engine.
It will search sequentially from pages 1 to 5.
There are also various search engines supported by go-dork, including Google, Shodan, Bing, Duck, Yahoo and Ask.
Install
- Download a prebuilt binary from releases page, unpack and run! or
- If you have Go 1.15+ compiler installed and configured:
Kod:
> GO111MODULE=on go install github.com/dwisiswant0/go-dork@latest
Usage
Basic Usage
It's fairly simple, go-dork can be run with:
Kod:
> go-dork -q "inurl:'...'"
Flags
Kod:
> go-dork -h
This will display help for the tool. Here are all the switches it supports.
Flag | Description |
---|---|
-q/--query | Search query (required) |
-e/--engine | Provide search engine (default: Google) |
(options: Google, Shodan, Bing, Duck, Yahoo, Ask) | |
-p/--page | Specify number of pages (default: 1) |
-H/--header | Pass custom header to search engine |
-x/--proxy | Use proxy to surfing |
-s/--silent | Silent mode, prints only results in output |
Querying
Kod:
> go-dork -q "inurl:..."
Queries can also be input with stdin
Kod:
> cat dorks.txt | go-dork -p 5
Defining engine
Search engine can be changed from the available engines: Google, Shodan, Bing, Duck, Yahoo, Ask. However, if the -e flag is not defined, it will use the Google search engine by default.
Kod:
> go-dork -e bing -q ".php?id="
This will do a search by the Bing engine.
Pagination
By default, go-dork scrapes the first page, you can customize using the -p flag.
Kod:
> go-dork -q "intext:'jira'" -p 5
It will search sequentially from pages 1 to 5.
Adding custom headers
Maybe you want to use a search filter on the Shodan engine, you can use custom headers to add cookies or other header parts.
Kod:
> go-dork -q "org:'Target' http.favicon.hash:116323821" \
--engine shodan -H "Cookie: ..." -H "User-Agent: ..."
Using proxy
Using a proxy, this can also be useful if Google or other engines meet Captcha.
Kod:
> go-dork -q "intitle:'BigIP'" -p 2 -x http://127.0.0.1:8989
Chained with other tools
If you want to chain the go-dork results with another tool, use the -s flag.
Kod:
> cat dorks.txt | go-dork | pwntools
> go-dork -q "inurl:'/secure' intext:'jira' site:org" -s | nuclei -t workflows/jira-exploitaiton-workflow.yaml
TODOs
- Fixes Yahoo regexes
- Fixes Google regexes if using custom User-Agent
- Stopping if there's no results & page flag was set
- DuckDuckGo next page
Son düzenleme: