Google, Shodan, and GitHub dork generator for pentesters and bug bounty hunters
Project description
ExploitCraft ยท Bangladesh ยท Building tools that matter ๐ Full documentation at doc.emonpersonal.xyz
๐ฏ gitdork
Google, Shodan, and GitHub dork generator. Feed it a repo URL or domain โ get ready-to-use dork queries targeting exposed secrets, sensitive files, open directories, and misconfigs. Built for pentesters and bug bounty hunters.
Features
- ๐ Google dorks โ
site:,filetype:,intitle:,inurl:across 8 categories - ๐ Shodan dorks โ
hostname:,port:,ssl:,product:for infra recon - ๐ GitHub code search โ
org:,filename:,extension:for secret hunting - ๐ง Tech stack detection โ fetch GitHub metadata to generate tech-specific dorks
- ๐๏ธ Category filtering โ focus on secrets, misconfigs, login panels, or any combo
- โ๏ธ Engine filtering โ run just Google, just Shodan, or all three
- ๐ Multiple output formats โ terminal (Rich), JSON, Markdown
- ๐ Clickable URLs โ every dork includes a direct search link
Installation
pip install gitdork
Or from source:
git clone https://github.com/ExploitCraft/gitdork
cd gitdork
pip install -e .
Quick Start
# Generate dorks for a domain
gitdork generate example.com
# Generate dorks for a GitHub org/repo
gitdork generate ExploitCraft/ReconNinja
# Google dorks only
gitdork generate example.com --engine google
# Secrets and misconfigs only
gitdork generate example.com --category secrets,misconfigs
# Enrich with GitHub API (detects tech stack for extra dorks)
gitdork generate ExploitCraft/ReconNinja --enrich
# Export to JSON
gitdork generate example.com --format json --output dorks.json
# Export to Markdown (great for reports)
gitdork generate example.com --format markdown --output dorks.md
# Group output by category instead of engine
gitdork generate example.com --group-by category
Example Output
โญโ gitdork โ Google, Shodan & GitHub dork generator โโฎ
Target: example.com
โโ GOOGLE โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
# CATEGORY DESCRIPTION QUERY
1 Secrets & Creds API keys in GitHub site:github.com "example.com" "api_key"
2 Sensitive Files .env files exposed site:example.com filetype:env
3 Sensitive Files Log files exposed site:example.com filetype:log
4 Exposed Dirs Open directory listings site:example.com intitle:"index of /"
5 Misconfigurations phpMyAdmin exposed site:example.com inurl:phpMyAdmin
...
โโ SHODAN โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
# CATEGORY DESCRIPTION QUERY
1 Subdomains All hosts under this domain hostname:"example.com"
2 Misconfigs SSH exposed hostname:"example.com" port:22
3 Misconfigs Redis exposed (often no auth) hostname:"example.com" port:6379
...
โญโ Summary โโโโโโโโโโโโโโโโโโโโโโโฎ
Total dorks 97
Google 42
Shodan 31
GitHub 24
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏ
Categories
| ID | Description |
|---|---|
secrets |
API keys, tokens, passwords, private keys |
sensitive_files |
.env, .sql, .log, .bak, config files |
exposed_dirs |
Open directory listings |
misconfigs |
phpMyAdmin, Jenkins, Grafana, Docker API, debug mode |
login_panels |
Admin panels, login pages |
error_pages |
Stack traces, PHP errors, SQL errors |
subdomains |
Subdomain enumeration, infra discovery |
code_leaks |
TODO credentials, internal-only code |
# View all categories
gitdork list-categories
# View all engines
gitdork list-engines
CLI Reference
Usage: gitdork [OPTIONS] COMMAND [ARGS]...
Commands:
generate Generate dorks for a target
list-categories List all available categories
list-engines List all supported engines
Options for generate:
TARGET Domain, GitHub org/repo, or URL
--engine, -e google,shodan,github (default: all)
--category, -c Comma-separated category filter
--format terminal | json | markdown (default: terminal)
--output, -o Write to file
--group-by engine | category (default: engine)
--enrich Fetch GitHub metadata for tech-stack dorks
--token GitHub token for enrichment (or GITHUB_TOKEN env)
Tech Stack Detection
With --enrich, gitdork queries the GitHub API to detect the repo's language, topics, and description โ then generates additional targeted dorks:
| Tech | Extra dorks |
|---|---|
django |
DEBUG mode, SECRET_KEY, ALLOWED_HOSTS |
wordpress |
wp-config.php, upload PHP shells |
laravel |
.env APP_KEY |
aws |
aws_access_key_id in code |
kubernetes |
API server, Shodan product query |
terraform |
tfvars with secrets |
# Use your GitHub token for higher API rate limits
export GITHUB_TOKEN=ghp_...
gitdork generate ExploitCraft/ReconNinja --enrich
Part of the HackerInc/ExploitCraft Ecosystem
| Tool | Description |
|---|---|
| envleaks | Codebase & git history secret scanner |
| gitdork | Google/Shodan dork generator (this repo) |
| wifi-passview | Cross-platform WiFi credential dumper |
| ReconNinja | ReconNinja v6 โ 21-phase recon framework |
| VaultHound | Secret & credential scanner |
Disclaimer
gitdork generates search queries only โ it does not perform any active scanning or exploitation. Use responsibly, only against targets you own or have explicit written permission to test.
License
MIT ยฉ ExploitCraft
ExploitCraft ยท Bangladesh ยท Building tools that matter ๐ Full documentation at doc.emonpersonal.xyz
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
gitdork-1.1.0.tar.gz
(18.2 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
gitdork-1.1.0-py3-none-any.whl
(19.4 kB
view details)
File details
Details for the file gitdork-1.1.0.tar.gz.
File metadata
- Download URL: gitdork-1.1.0.tar.gz
- Upload date:
- Size: 18.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4e933026e59ce6033cb412c974fad5301cee4909709964dd8d56fcb3780f7c38
|
|
| MD5 |
7905f11cd674fb326ffe88182d83891c
|
|
| BLAKE2b-256 |
3935ca35e4ac7299fe3a37706402919b0d6d5c42bad800f33cead6249b60e389
|
File details
Details for the file gitdork-1.1.0-py3-none-any.whl.
File metadata
- Download URL: gitdork-1.1.0-py3-none-any.whl
- Upload date:
- Size: 19.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9b724e01aabbae4b614e7f5d5cee6a4d2b8eea7563951e64c9db8a5bef4a1132
|
|
| MD5 |
df37ed59aefef9cabc9d221abe92cdc1
|
|
| BLAKE2b-256 |
ab32bef88ffccf1735e5434ecd6e2a45687b9a40de1c49b406abf23f4d026030
|
