A Python tool to automate some dorking stuff to find information disclosures.

Related tags

Security related resources open-source information-retrieval osint bug-bounty bugreport bugbounty information-gathering osint-resources information-gathering-tools webhacking osint-python osint-tool webdork web-osint hacke-rc
Overview


webdork
WebDork v1.0.3

A open-source tool to find publicly available sensitive information about Companies/Organisations!

WebDork

A Python tool to automate some dorking stuff to find information disclosures. Suggestions and issues are welcome because I know codes can never be perfect.

Note:

As a user of this tool you agree this terms:

I will not use it for any blackhat/unethical work
I will not disclose any information found by this tool

Not all results found by this tool are sensitive information. If you find any information using this tool you must verify it by yourself and check whether the information can really cause any major/minor harm to A company.

Example finds:

  • Backend related information.
  • Company's/Orgnisation's future/internal plans/mindmaps.
  • Internal tools.

Compatibility

Check your Python version by typing in

$ python --version

If you get the following

Python 3.9.0

or any version greater than or equal to 3.9, this script has been tested and confirmed to be supported.

Installation

For termux

pkg install git -y 
pkg install python -y 
git clone https://github.com/HACKE-RC/webdork
cd webdork
python termux-setup.py

For iSH

apk add git
apk add python3
apk add py3-pip
git clone https://github.com/HACKE-RC/webdork
cd webdork
python setup.py

For Debian-based GNU/Linux distributions

git clone https://github.com/HACKE-RC/webdork
cd webdork
sudo python3 setup.py

Usage:

Help menu of the tool

webdork -h
usage: main.py [-h] -cn Company name [-bw] [--show] [-o Output] [-v] [-s] [--no-save-output]

A python tool to automatically dork on a given company\'s name.

optional arguments:
  -h, --help            show this help message and exit
  -cn Company name, --company-name Company name
                        Name of the company
  -bw, --browser        Search the dorks in browser.
  --show                Print results from the dorks.
  -o Output             Output filename(default is dorkresults.txt).
  -v, --verbose         Turn verbose mode on.
  -s, --silent          Just save the results without printing anything.
  --no-save-output      Don\'t save the output in file.

Example usage:

webdork -cn Hackerone -bw --show -v -o output.txt

Arguments :

  • Company/Organisation name to search for : -cn
  • Open the dorks in browser : -bw, --browser
  • Show dork results in terminal : --show
  • Output filename : -o
  • Better output : -v, --verbose
  • Directly save the results without printing anything : -s, --silent
  • Do not save the result in any file : --no-save-output

Shoutout :

If you like my work consider contacting me on Twitter @coder_rc for donation related information.

Demonstrative Video:

Made with so much debugging by RC

You might also like...
DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE
DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE

DepFine DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE Installation: You Can inst

Hossam mesbah 14 Nov 11, 2022
Click-Jack - Automatic tool to find Clickjacking Vulnerability in various Web applications
Click-Jack - Automatic tool to find Clickjacking Vulnerability in various Web applications

CLICK-Jack It is a automatic tool to find Clickjacking Vulnerability in various

Prince Prafull 4 Jan 10, 2022
Automated tool to find & created Exploit Poc for Clickjacking Vulnerability
Automated tool to find & created Exploit Poc for Clickjacking Vulnerability

ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i

Chirag Agrawal 24 Dec 19, 2022
A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

null 52 Dec 16, 2022
A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities
A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities

master_librarian A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities. To install requirements: $ sudo pyth

CoolerVoid 167 Dec 19, 2022
Python lib to automate basic QFT calculations like Wick-contractions.

QFTools Python lib to automate basic QFT calculations like Wick-contractions. Features Wick contractions for real scalar fields Wick contractions for

null 2 Aug 21, 2022
This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections.

Log4J-Huntress-Automate-Script This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections. Pre-Requisits

null 1 Dec 16, 2021
AIL LeakFeeder: A Module for AIL Framework that automate the process to feed leaked files automatically to AIL

AIL LeakFeeder: A Module for AIL Framework that automates the process to feed leaked files automatically to AIL, So basically this feeder will help you ingest AIL with your leaked files automatically.

ail project 8 May 3, 2022
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

Krypt0mux 162 Nov 25, 2022
Comments
  • result showing some error

    result showing some error

    Hi, while executing command faced below error webdork -cn advancedmd --show -v -o Admoutput.txt

    Error:- Getting the results from dork -> inurl:gitlab "advancedmd" Traceback (most recent call last): File "/usr/bin/webdork", line 193, in all_links = Scanner.filtergoogle(all_links) File "/usr/bin/webdork", line 87, in filtergoogle actual_results.append(url[url.index(":http")+1:] ) ValueError: substring not found

    wontfix 
    opened by naveen12 2
Owner
Rahul rc
Just a kid who loves to hack and code.
Rahul rc
GitHub https://twitter.com/coder_rc
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.

Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St

Paolo 'VoidSec' Stagno 199 Jan 4, 2023
Collection Of Discord Hacking Tools / Fun Stuff / Exploits That Is Completely Made Using Python.

Venom Collection Of Discord Hacking Tools / Fun Stuff / Exploits That Is Completely Made Using Python. Report Bug · Request Feature Contributing Well,

PndaBoi 25 Dec 6, 2022
Password database With special stuff

This is a Password database I made for myself, as I want to keep all my passwords in the same place. but still protected, shall anyone get access to the file. And so I made this simple password database, that can encrypt, decrypt files, and generate Passwords, pin codes, and encryption keys. It took me about 4 - 6 months to make (Total I spent like 2 - 3 making it, but there were a lot of times where I did not work on the program) It is not 100% fine-tuned, but it works very well as is.

null 9 Oct 30, 2022
Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets.

Yuyu Scanner Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets. installation ! run as root

Justakazh 20 Nov 24, 2022
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

Aiminsun 165 Dec 21, 2022
Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

null 3 Apr 9, 2022
Bandit is a tool designed to find common security issues in Python code.

A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba

Python Code Quality Authority 4.8k Dec 31, 2022
Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses 🕵️

Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses. This program also alerts you to the presence of a data leak for the found emails.

null 1.1k Aug 24, 2021
A Tool to find subdomains from hackerone reports.

Hactivity A Tool to find subdomains from Hackerone reports of a given company or a search term (xss, ssrf, etc). It can also print out URL and Title o

Stinger 15 Jul 24, 2022
NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains

NexScanner NexScanner is a tool which helps you scan a website for sub-domains and also to find login pages in the website like the admin login panel

null 8 Sep 3, 2022