A powerful command-line tool for Google dorking, enabling users to uncover hidden information and vulnerabilities with advanced search queries.
Project description
🔍 DumpDork
DumpDork is a powerful command-line tool for performing Google dorking, allowing users to uncover hidden information and vulnerabilities using advanced search queries directly from the terminal.
Features
- Effortless Querying: Construct complex search queries with ease using Google's powerful search operators.
- Customizable Results: Specify the number of results to retrieve, with a maximum limit of 300.
- Output Options: Save your findings in a neatly formatted JSON file for further analysis or reporting.
- No CAPTCHA Required: This script does not require users to complete CAPTCHA, making it easier to retrieve results without interruptions.
- Configurable Credentials: Manage your API credentials securely through a simple YAML configuration file.
- Interactive Setup Wizard: With an user-friendly wizard which guides you through the setup process, helping you configure your API credentials settings step-by-step.
Installation
Manual:
- Clone the repository:
git clone https://github.com/mateofumis/dumpdork.git
cd dumpdork
- Set up a virtual environment (optional but recommended):
python3 -m venv env
source env/bin/activate # On Windows use `.\env\Scripts\activate`
- Install dependencies:
pip3 install -r requirements.txt
Using pip/pipx install
- Install dumpdork with pip3
pip3 install dumpdork
# or as well with pipx
pipx install dumpdork
See this project in PyPi: https://pypi.org/project/dumpdork/
Configure your API credentials:
Create config.yaml file in ~/.config/dumpdork/config.yaml with the following structure:
rapidapi:
host: google-search74.p.rapidapi.com
key: "YOUR_RAPIDAPI_KEY"
How to get your credentials
- Visit https://rapidapi.com/auth/login/ and create an account or sign in.
- Once logged in, visit https://rapidapi.com/herosAPI/api/google-search74/playground and claim your FREE API credentials.
- Done! Now you can fill your
config.yamlwith your own credentials.
[*] See detailed instructions at: https://github.com/mateofumis/dumpdork/blob/main/API_SETUP_GUIDE.md
Usage
$: dumpdork
🔍 Welcome to DumpDork !!
Usage: dumpdork 'query' [--limit number] [--output filename.json] [--custom-config-file config.yaml]
Options:
query The search query.
--limit Number of results to return (default is 50. Limit: 300).
--output Output file to save results in JSON format.
--custom-config-file CUSTOM_CONFIG_FILE
Path to custom YAML config file containing API credentials. Default is: ~/.config/dumpdork/config.yaml
--wizard Set up your API key for dumpdork, step by step with easy.
📋 Examples:
$: dumpdork 'site:*.example.com AND (intext:"aws_access_key_id" | intext:"aws_secret_access_key" filetype:json | filetype:yaml) ' --limit 200 --output aws_credentials.json
$: dumpdork '(site:*.example.com AND -site:docs.example.com) AND (inurl:"/login" | inurl:"/signup" | inurl:"/admin" | inurl:"/register") AND (ext:php | ext:aspx)' --limit 300 --output sqli_forms.json
$: dumpdork 'site:*.example.com AND (intitle:"Index of /" | intitle:"index of") AND (intext:".log" | intext:".sql" | intext:".txt" | intext:".sh")' --custom-config-file ~/.config/dumpdork/config_files/credentials_01.yaml --output sensitive_files.json
Example Queries
- Search for AWS Leaked Credentials:
$: dumpdork 'site:*.example.com AND (intext:"aws_access_key_id" | intext:"aws_secret_access_key" filetype:json | filetype:yaml) ' --limit 200 --output aws_credentials.json
- Find SQL Injection Endpoints Forms:
$: dumpdork '(site:*.example.com AND -site:docs.example.com) AND (inurl:"/login" | inurl:"/signup" | inurl:"/admin" | inurl:"/register") AND (ext:php | ext:aspx)' --limit 300 --output sqli_forms.json
- Search for Sensitive Files or Logs:
$: dumpdork 'site:*.example.com AND (intitle:"Index of /" | intitle:"index of") AND (intext:".log" | intext:".sql" | intext:".txt" | intext:".sh")' --custom-config-file ~/.config/dumpdork/config_files/credentials_01.yaml --output sensitive_files.json
- Take a look at GHDB for more Dorks: https://www.exploit-db.com/google-hacking-database
License
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Contributing
Contributions are welcome! Please feel free to submit a pull request or open an issue.
Support me with a virtual Coffee! ❤️
If you find this tool useful, consider supporting me with a coffee!
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file dumpdork-0.1.6.tar.gz.
File metadata
- Download URL: dumpdork-0.1.6.tar.gz
- Upload date:
- Size: 9.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f5ab6d102eb06af55c2fe251a37b42bac2e647580bca8f58caad4ec2faa4d22e
|
|
| MD5 |
9089ba8b3533ab766e93edf1f4a50ad9
|
|
| BLAKE2b-256 |
2783fdc6e8734588256830e59e9554df2edd840d3c527bec05f9db865acd30f4
|
File details
Details for the file dumpdork-0.1.6-py3-none-any.whl.
File metadata
- Download URL: dumpdork-0.1.6-py3-none-any.whl
- Upload date:
- Size: 10.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c3d16325f31fcbfe51d145b0afa1859bde6314590807818a42f8b1cd6ee8e44d
|
|
| MD5 |
f2c085643c5e91ca6fcddd3b52538ed1
|
|
| BLAKE2b-256 |
576dc11ca44cbd219480374ac0c2e029fdfd04041d6531a0082cd3f6755ae4bf
|
