Google, Shodan, and GitHub dork generator for pentesters and bug bounty hunters
Project description
๐ฏ gitdork
Google, Shodan, and GitHub dork generator. Feed it a repo URL or domain โ get ready-to-use dork queries targeting exposed secrets, sensitive files, open directories, and misconfigs. Built for pentesters and bug bounty hunters.
Features
- ๐ Google dorks โ
site:,filetype:,intitle:,inurl:across 8 categories - ๐ Shodan dorks โ
hostname:,port:,ssl:,product:for infra recon - ๐ GitHub code search โ
org:,filename:,extension:for secret hunting - ๐ง Tech stack detection โ fetch GitHub metadata to generate tech-specific dorks
- ๐๏ธ Category filtering โ focus on secrets, misconfigs, login panels, or any combo
- โ๏ธ Engine filtering โ run just Google, just Shodan, or all three
- ๐ Multiple output formats โ terminal (Rich), JSON, Markdown
- ๐ Clickable URLs โ every dork includes a direct search link
Installation
pip install gitdork
Or from source:
git clone https://github.com/ExploitCraft/gitdork
cd gitdork
pip install -e .
Quick Start
# Generate dorks for a domain
gitdork generate example.com
# Generate dorks for a GitHub org/repo
gitdork generate ExploitCraft/ReconNinja
# Google dorks only
gitdork generate example.com --engine google
# Secrets and misconfigs only
gitdork generate example.com --category secrets,misconfigs
# Enrich with GitHub API (detects tech stack for extra dorks)
gitdork generate ExploitCraft/ReconNinja --enrich
# Export to JSON
gitdork generate example.com --format json --output dorks.json
# Export to Markdown (great for reports)
gitdork generate example.com --format markdown --output dorks.md
# Group output by category instead of engine
gitdork generate example.com --group-by category
Example Output
โญโ gitdork โ Google, Shodan & GitHub dork generator โโฎ
Target: example.com
โโ GOOGLE โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
# CATEGORY DESCRIPTION QUERY
1 Secrets & Creds API keys in GitHub site:github.com "example.com" "api_key"
2 Sensitive Files .env files exposed site:example.com filetype:env
3 Sensitive Files Log files exposed site:example.com filetype:log
4 Exposed Dirs Open directory listings site:example.com intitle:"index of /"
5 Misconfigurations phpMyAdmin exposed site:example.com inurl:phpMyAdmin
...
โโ SHODAN โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
# CATEGORY DESCRIPTION QUERY
1 Subdomains All hosts under this domain hostname:"example.com"
2 Misconfigs SSH exposed hostname:"example.com" port:22
3 Misconfigs Redis exposed (often no auth) hostname:"example.com" port:6379
...
โญโ Summary โโโโโโโโโโโโโโโโโโโโโโโฎ
Total dorks 97
Google 42
Shodan 31
GitHub 24
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏ
Categories
| ID | Description |
|---|---|
secrets |
API keys, tokens, passwords, private keys |
sensitive_files |
.env, .sql, .log, .bak, config files |
exposed_dirs |
Open directory listings |
misconfigs |
phpMyAdmin, Jenkins, Grafana, Docker API, debug mode |
login_panels |
Admin panels, login pages |
error_pages |
Stack traces, PHP errors, SQL errors |
subdomains |
Subdomain enumeration, infra discovery |
code_leaks |
TODO credentials, internal-only code |
# View all categories
gitdork list-categories
# View all engines
gitdork list-engines
CLI Reference
Usage: gitdork [OPTIONS] COMMAND [ARGS]...
Commands:
generate Generate dorks for a target
list-categories List all available categories
list-engines List all supported engines
Options for generate:
TARGET Domain, GitHub org/repo, or URL
--engine, -e google,shodan,github (default: all)
--category, -c Comma-separated category filter
--format terminal | json | markdown (default: terminal)
--output, -o Write to file
--group-by engine | category (default: engine)
--enrich Fetch GitHub metadata for tech-stack dorks
--token GitHub token for enrichment (or GITHUB_TOKEN env)
Tech Stack Detection
With --enrich, gitdork queries the GitHub API to detect the repo's language, topics, and description โ then generates additional targeted dorks:
| Tech | Extra dorks |
|---|---|
django |
DEBUG mode, SECRET_KEY, ALLOWED_HOSTS |
wordpress |
wp-config.php, upload PHP shells |
laravel |
.env APP_KEY |
aws |
aws_access_key_id in code |
kubernetes |
API server, Shodan product query |
terraform |
tfvars with secrets |
# Use your GitHub token for higher API rate limits
export GITHUB_TOKEN=ghp_...
gitdork generate ExploitCraft/ReconNinja --enrich
Part of the HackerInc/ExploitCraft Ecosystem
| Tool | Description |
|---|---|
| envleaks | Codebase & git history secret scanner |
| gitdork | Google/Shodan dork generator (this repo) |
| wifi-passview | Cross-platform WiFi credential dumper |
| ReconNinja | ReconNinja v6 โ 21-phase recon framework |
| VaultHound | Secret & credential scanner |
Disclaimer
gitdork generates search queries only โ it does not perform any active scanning or exploitation. Use responsibly, only against targets you own or have explicit written permission to test.
License
MIT ยฉ ExploitCraft
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
gitdork-1.0.0.tar.gz
(17.5 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
gitdork-1.0.0-py3-none-any.whl
(19.2 kB
view details)
File details
Details for the file gitdork-1.0.0.tar.gz.
File metadata
- Download URL: gitdork-1.0.0.tar.gz
- Upload date:
- Size: 17.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f8f971b2ccd937c4fe470a326277637ee2ea3e33a245cd0ac21f417cb30c581e
|
|
| MD5 |
2bd92f20d298e24bcd74b6fb1d00e356
|
|
| BLAKE2b-256 |
277eede8c7d9145f815de246a34a131e329809547fa210a0abd547f2fab82204
|
File details
Details for the file gitdork-1.0.0-py3-none-any.whl.
File metadata
- Download URL: gitdork-1.0.0-py3-none-any.whl
- Upload date:
- Size: 19.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
28be44aea621f9873f6ba1df1cd163efdd808888b47d65e3ade37def3519f649
|
|
| MD5 |
329e5c45558e0d5fab7bf4e9428a6134
|
|
| BLAKE2b-256 |
767277fafcfe597a7b763b39d24831b4213cc3217557efbda2e9ca5616ac12e0
|
