├── .gitignore
├── README.md
├── SDork
├── extract.py
├── files
    ├── fi.speedx
    ├── sqli.speedx
    └── xss.speedx
└── vuln.py


/.gitignore:
--------------------------------------------------------------------------------
1 | SDList.txt
2 | SDSQLi.txt
3 | update.speedx
4 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # SuperDorker
 2 | This is a Advanced Google Dorker and Vulnerability Scanner
 3 | This could get you huge lists of vulnerable websites
 4 | 
 5 | This Script is Only For Educational Purposes or Super Dorker is a Tool which finds the list of website according to your given GOOGLE dork. This can be used for Finding SQLi , XSS , LFI/RFI Vulnerable Websites.
 6 | 
 7 |  Each page of generated dorks contains about 10 Websites. So if you type 1 page it gives 10 websites , 2 page gives 20 websites, etc.
 8 | 
 9 |  Website Vulnerablity Scanner Scans only For SQLi Vulnerablity. It will Soon Be Updated To Scan For Other Vulnerabilities. Keep Supporting ME ;-)
10 | 
11 | # Requirements
12 | 
13 | -Any Linux Terminal
14 | -Packages Like curl python2 figlet toilet  installed
15 | 	For Linux```sudo apt-get curl python2 figlet toilet```
16 | 	For Termux Packages Will Automatically Get Installed !!!
17 | -Knowledge Of Dorking
18 | 
19 | # How To Install
20 | 
21 | To USE the script type the following commands
22 | 
23 | ```git clone https://github.com/TheSpeedX/SDorker.git```
24 | 
25 | ```cd SDorker```
26 | 
27 | ```chmod +x SDork```
28 | 
29 | ```./SDork```
30 | 
31 | Now the Script Will Execute..
32 | 
33 | # NOTE
34 |  It is Only For Educational Purposes. Neither I Say Nor I Promote To Hack Sites Without Owners Consent.  
35 |  Only works on `python2`
36 | 
37 | # CONTACT
38 |  For Any Queries:  
39 |         Ping Me : [Telegram](http://t.me/the_space_bar)
40 | 


--------------------------------------------------------------------------------
/SDork:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | clear
  3 | echo -e "\e[4;31m SpeedX Productions !!! \e[0m"
  4 | echo -e "\e[1;34m        Presents \e[0m"
  5 | echo -e "\e[1;32m SuperDorker \e[0m"
  6 | echo " "
  7 | echo -e "\e[4;33m Tool For Get Huge Vulnerable Website List. \e[0m"
  8 | echo " "
  9 | echo " "
 10 | echo "Press Enter To Continue..."
 11 | read a
 12 | if [[ -s update.speedx ]];then
 13 | echo " "
 14 | echo -e "\e[1;32m All Requirements Found... \e[0m"
 15 | else
 16 | echo " "
 17 | echo -e "\e[1;32m Please Wait While We Install Necessary Requirements... \e[0m"
 18 | echo " "
 19 | echo " "
 20 | apt update
 21 | apt upgrade
 22 | pkg install figlet toilet curl python2 busybox
 23 | pip2 install --upgrade pip
 24 | pip2 install urllib3
 25 | pip2 install progressbar2
 26 | echo " "
 27 | echo -e "\e[1;32m Requirements Installed Successfully...  \e[0m"
 28 | echo "This App Was Last Updated On"$date >update.speedx
 29 | echo "SuperDorker Was Created By SpeedX... Any Queries Mail ggspeedx29@gmail.com " >>update.speedx
 30 | fi
 31 | for (( start=5;start>=5;start++ ))
 32 | do
 33 | clear
 34 | echo -e "\e[1;32m"
 35 | figlet -f slant -c S Dorker
 36 | echo -e "\e[1;34m Created By \e[0m"
 37 | toilet -f mono12 -F gay SpeedX
 38 | echo -e "\e[4;34m This Dorker Was Created By SpeedX \e[0m"
 39 | echo -e "\e[1;34m For Any Queries Mail Me!!!\e[0m"
 40 | echo -e "\e[1;32m             Mail: ggspeedx29@gmail.com \e[0m"
 41 | echo -e "\e[4;32m  YouTube Channel: https://www.youtube.com/c/GyanaTech \e[0m"
 42 | echo " "
 43 | echo -e "\e[4;31m Please Read Instruction Carefully !!! \e[0m"
 44 | echo -e "\e[1;33m"
 45 | echo "Press 1 To Generate Sites From Dork"
 46 | echo "Press 2 To Scan For Vulnerable Sites"
 47 | echo "Press 3 To View Sample Dorks"
 48 | echo "Press 4 To Install Requirements And Update Script"
 49 | echo "Press 5 For Instructions"
 50 | echo "Press 6 to Exit "
 51 | read ch
 52 | if [ $ch -eq 1 ];then
 53 | clear
 54 | figlet -c S Dorker
 55 | echo -e "\e[1;34m Created By \e[1;32m"
 56 | figlet -f slant -c SpeedX
 57 | echo -e "\e[1;33m Enter A Google Dork:"
 58 | read dork
 59 | echo -e "Enter Number Of Pages:"
 60 | read page
 61 | echo >SDList.txt
 62 | echo -e "\e[1;34m Please Wait... This May Take 1-2 Minutes..."
 63 | url="https://www.google.com/search?q="+$dork
 64 | curl -sA "Chrome" -L $url -o list1.txt
 65 | python2 extract.py list1.txt >SDList.txt
 66 | echo " Dorking Started !!!"
 67 | half=$(( page/2 ))
 68 | if [ $page -gt 1 ];then
 69 | for (( i=1;i<$page;i++ ))
 70 | do
 71 | turl=$url"&start="$(( i*10 ))
 72 | fn="list"$(( i+1 ))".txt"
 73 | curl -sA "Chrome" -L $turl -o $fn
 74 | python2 extract.py $fn >>SDList.txt
 75 | if [ $i -eq $half ];then
 76 | echo "50% Completed !!!"
 77 | fi
 78 | done
 79 | fi
 80 | echo "100% Completed !!!"
 81 | echo "List Created For Dork: "$dork
 82 | echo "Vulnerable Sites Saved in FileName: SDList.txt"
 83 | echo " "
 84 | rm list*.txt
 85 | echo "Do You Want To View it Now (Y/N):"
 86 | read cho
 87 | if [ "$cho" = "Y" ] || [ "$cho" = "y" ] ;then
 88 | echo -e "\e[1;31mThis List Was Created By Super Dorker !!!"
 89 | echo " "
 90 | cat SDList.txt
 91 | echo " "
 92 | echo " "
 93 | echo "Press Enter To Go To Main Menu"
 94 | read a4
 95 | else
 96 | echo "Going Back to Main Menu..."
 97 | sleep 1
 98 | fi
 99 | elif [ $ch -eq 2 ];then
100 | clear
101 | echo -e "\e[1;32m "
102 | figlet -f slant -c S Dorker
103 | echo -e "\e[1;34m Created By \e[0m"
104 | toilet -f mono12 -F gay SpeedX
105 | echo -e "\e[4;34m This Dorker Was Created By SpeedX \e[0m"
106 | echo -e "\e[1;34m For Any Queries Mail Me!!!\e[0m"
107 | echo -e "\e[1;32m          Mail: ggspeedx29@gmail.com \e[0m"
108 | echo -e "\e[4;32m  YouTube Page: https://www.youtube.com/c/GyanaTech \e[0m"
109 | echo -e "\e[1;31m "
110 | echo "Note: This Scanner Only Scans for SQLi Vulnerablity"
111 | echo "Scanning Time Depends On Your Internet Speed & Site List.."
112 | echo "It is Recommended To Use SDorker Generate Vulnerable Site List"
113 | echo "Default FileName : SDList.txt "
114 | echo " "
115 | echo -e "\e[1;33mInput The Name Of File Containing Links:"
116 | read fin
117 | echo -e "\e[1;32m"
118 | python2 vuln.py $fin
119 | echo -e "\e[1;34m Press Enter To Continue.."
120 | read a1
121 | elif [ $ch -eq 3 ];then
122 | clear
123 | cd files
124 | while true
125 | do
126 | clear
127 | echo -e "\e[1;32m "
128 | figlet -f slant -c S Dorker
129 | echo -e "\e[1;34m Created By \e[0m"
130 | toilet -f mono12 -F gay SpeedX
131 | echo -e "\e[4;34m This Dorker Was Created By SpeedX \e[0m"
132 | echo -e "\e[1;34m For Any Queries Mail Me!!!\e[0m"
133 | echo -e "\e[1;32m           Mail: ggspeedx29@gmail.com \e[0m"
134 | echo -e "\e[4;32m       Whatsapp: https://bit.do/speedxgit \e[0m"
135 | echo -e "\e[1;31m "
136 | echo "These Dorks Were Taken From Internet !! And Just Sample Better Use Your Own Dorks"
137 | echo " "
138 | echo "Press 1 For SQLi Dorks"
139 | echo "Press 2 For XSS Dorks"
140 | echo "Press 3 For LFI/RFI Dorks"
141 | echo "Press 4 To Exit "
142 | read dc
143 | if [ $dc -eq 1 ];then
144 | echo -e "\e[1;33mSome SQLi Dorks"
145 | echo " "
146 | cat sqli.speedx
147 | echo " "
148 | echo " "
149 | echo "Press Enter To Go Back"
150 | read a2
151 | elif [ $dc -eq 2 ];then
152 | echo -e "\e[1;33mSome XSS Dorks"
153 | echo " "
154 | cat xss.speedx
155 | echo " "
156 | echo " "
157 | echo "Press Enter To Go Back"
158 | read a2
159 | elif [ $dc -eq 3 ];then
160 | echo -e "\e[1;33mSome File Inclusion Dorks"
161 | echo " "
162 | cat fi.speedx
163 | echo " "
164 | echo " "
165 | echo "Press Enter To Go Back"
166 | read a2
167 | elif [ $dc -eq 4 ];then
168 | break
169 | else
170 | echo "Invalid Input !!!"
171 | sleep 2
172 | fi
173 | done
174 | echo -e "\e[1;31m"
175 | cd ..
176 | elif [ $ch -eq 4 ];then
177 | clear
178 | pkg install git
179 | echo -e "\e[1;34m Downloading Latest Files..."
180 | git clone https://github.com/TheSpeedX/SDorker
181 | if [[ -s SDorker/SDork ]];then
182 | cd SDorker
183 | cp -r -f * .. > temp
184 | cd ..
185 | rm -rf  SDorker >> temp
186 | rm update.speedx >> temp
187 | rm fullsl >> temp
188 | rm proxy.list >> temp
189 | rm temp
190 | chmod +x SDork
191 | fi
192 | echo -e "\e[1;32m SuperDorker Will Restart Now..."
193 | echo -e "\e[1;32m All The Required Packages Will Be Installed..."
194 | echo -e "\e[1;34m Press Enter To Proceed To Restart..."
195 | read a6
196 | ./SDork
197 | exit
198 | elif [ $ch -eq 5 ];then
199 | clear
200 | toilet -f mono12 -F gay S Dorker
201 | echo -e "\e[1;32m Created By "
202 | figlet -f slant -c SpeedX
203 | echo " "
204 | echo -e "\e[1;33m Super Dorker is a Tool which finds the list of website according to your given GOOGLE dork. This can be used for Finding SQLi , XSS , LFI/RFI Vulnerable Websites.\e[0m"
205 | echo " "
206 | echo -e "\e[1;32m Each page of generated dorks contains about 10 Websites. So if you type 1 page it gives 10 websites , 2 page gives 20 websites, etc."
207 | echo " "
208 | echo -e "\e[1;34m Website Vulnerablity Scanner Scans only For SQLi Vulnerablity. It will Soon Be Updated To Scan For Other Vulnerabilities. Keep Supporting ME ;-)"
209 | echo " "
210 | echo -e "\e[1;32m If you dont get any Website Even After Using Proxy Option for your Given Dork , Then Kindly USE VPN; Then Run The Script. :-)"
211 | echo " "
212 | echo -e "\e[1;31m NOTE: It is Only For Educational Purposes. Neither I Say Nor I Promote To Hack Sites Without Owners Consent."
213 | echo " "
214 | echo -e "\e[4;34m Super Dorker Was Created By SpeedX \e[0m"
215 | echo -e "\e[1;34m For Any Queries Mail Me!!!\e[0m"
216 | echo -e "\e[1;32m           Mail: ggspeedx29@gmail.com \e[0m"
217 | echo -e "\e[1;32m       Whatsapp: https://bit.do/speedxgit \e[0m"
218 | echo -e "\e[4;32m   YouTube Page: https://www.youtube.com/c/GyanaTech \e[0m"
219 | echo " "
220 | echo -e "\e[1;32m Support Me By Either Helping In Project Or Donating Small Amount To Me For That Contact Me By Mail\e[0m"
221 | echo " "
222 | echo " Press Enter To Continue..."
223 | read a5
224 | elif [ $ch -eq 6 ];then
225 | start=0
226 | else
227 | echo -e "\e[4;32m Invalid Input !!! \e[0m"
228 | echo "Press Enter To Go Home"
229 | read a3
230 | start=6
231 | clear
232 | fi
233 | done
234 | echo "Thanks For Using Super Dorker !!"
235 | figlet -f slant -c S Dorker
236 | echo "Created By SpeedX !!!!"
237 | toilet -f mono12 -F gay SpeedX
238 | echo -e "\e[1;34m For Any Queries Mail Me!!!\e[0m"
239 | echo -e "\e[1;32m           Mail: ggspeedx29@gmail.com \e[0m"
240 | echo -e "\e[1;32m       Whatsapp: https://bit.do/speedxgit \e[0m"
241 | echo -e "\e[4;32m   YouTube Page: https://www.youtube.com/c/GyanaTech \e[0m"
242 | 


--------------------------------------------------------------------------------
/extract.py:
--------------------------------------------------------------------------------
 1 | import sys,urllib
 2 | def main():
 3 | 	f=open(sys.argv[1],"r")
 4 | 	str=f.read()
 5 | 	f.close()
 6 | 	p=str.split("<a href=")
 7 | 	for s in p:
 8 | 		if s.lower().find("url?q=") == 2:
 9 | 			stin=8
10 | 			ein=int(s.find("&amp;"))
11 | 			t=s[stin:ein]
12 | 			t=urllib.unquote_plus(t)
13 | 			print t
14 | if __name__=="__main__":
15 | 	main()
16 | 


--------------------------------------------------------------------------------
/files/fi.speedx:
--------------------------------------------------------------------------------
 1 | inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
 2 | inurl:/include/new-visitor.inc.php?lvc_include_dir=
 3 | inurl:/_functions.php?prefix=
 4 | inurl:/cpcommerce/_functions.php?prefix=
 5 | inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=
 6 | inurl:/modules/agendax/addevent.inc.php?agendax_path=
 7 | inurl:/ashnews.php?pathtoashnews=
 8 | inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=
 9 | inurl:/pm/lib.inc.php?pm_path=
10 | inurl:/b2-tools/gm-2-b2.php?b2inc=
11 | inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
12 | inurl:/modules/agendax/addevent.inc.php?agendax_path=
13 | inurl:/includes/include_once.php?include_file=
14 | inurl:/e107/e107_handlers/secure_img_render.php?p=
15 | inurl:/shoutbox/expanded.php?conf=
16 | inurl:/main.php?x=
17 | inurl:/myPHPCalendar/admin.php?cal_dir=
18 | inurl:/index.php/main.php?x=
19 | inurl:/index.php?include=
20 | inurl:/index.php?x=
21 | inurl:/index.php?open=
22 | inurl:/index.php?visualizar=
23 | inurl:/template.php?pagina=
24 | inurl:/index.php?pagina=
25 | inurl:/index.php?inc=
26 | inurl:/includes/include_onde.php?include_file=
27 | inurl:/index.php?page=
28 | inurl:/index.php?pg=
29 | inurl:/index.php?show=
30 | inurl:/index.php?cat=
31 | inurl:/index.php?file=
32 | inurl:/db.php?path_local=
33 | inurl:/index.php?site=
34 | inurl:/htmltonuke.php?filnavn=
35 | inurl:/livehelp/inc/pipe.php?HCL_path=
36 | inurl:/hcl/inc/pipe.php?HCL_path=
37 | inurl:/inc/pipe.php?HCL_path=
38 | inurl:/support/faq/inc/pipe.php?HCL_path=
39 | inurl:/help/faq/inc/pipe.php?HCL_path=
40 | inurl:/helpcenter/inc/pipe.php?HCL_path=
41 | inurl:/live-support/inc/pipe.php?HCL_path=
42 | inurl:/gnu3/index.php?doc=
43 | inurl:/gnu/index.php?doc=
44 | inurl:/phpgwapi/setup/tables_update.inc.php?appdir=
45 | inurl:/forum/install.php?phpbb_root_dir=
46 | inurl:/includes/calendar.php?phpc_root_path=
47 | inurl:/includes/setup.php?phpc_root_path=
48 | inurl:/inc/authform.inc.php?path_pre=
49 | inurl:/include/authform.inc.php?path_pre=
50 | inurl:index.php?nic=
51 | inurl:index.php?sec=
52 | inurl:index.php?content=
53 | inurl:index.php?link=
54 | inurl:index.php?filename=
55 | inurl:index.php?dir=
56 | inurl:index.php?document=
57 | inurl:index.php?view=
58 | inurl:*.php?sel=
59 | inurl:*.php?session=&content=
60 | inurl:*.php?locate=
61 | inurl:*.php?place=
62 | inurl:*.php?layout=
63 | inurl:*.php?go=
64 | inurl:*.php?catch=
65 | inurl:*.php?mode=
66 | inurl:*.php?name=
67 | inurl:*.php?loc=
68 | inurl:*.php?f=
69 | inurl:*.php?inf=
70 | inurl:*.php?pg=
71 | inurl:*.php?load=
72 | inurl:*.php?naam=
73 | allinurl:/index.php?page= site:*.dk
74 | allinurl:/index.php?file= site:*.dk


--------------------------------------------------------------------------------
/files/sqli.speedx:
--------------------------------------------------------------------------------
 1 | inurl:php?id=
 2 | inurl:index.php?id=
 3 | inurl:trainers.php?id=
 4 | inurl:buy.php?category=
 5 | inurl:article.php?ID=
 6 | inurl:play_old.php?id=
 7 | inurl:declaration_more.php?decl_id=
 8 | inurl:page?id=
 9 | inurl:games.php?id=
10 | inurl:page.php?file=
11 | inurl:newsDetail.php?id=
12 | inurl:gallery.php?id=
13 | inurl:article.php?id=
14 | inurl:show.php?id=
15 | inurl:staff_id=
16 | inurl:newsitem.php?num=
17 | inurl:readnews.php?id=
18 | inurl:top10.php?cat=
19 | inurl:historialeer.php?num=
20 | inurl:reagir.php?num=


--------------------------------------------------------------------------------
/files/xss.speedx:
--------------------------------------------------------------------------------
 1 | inurl:".php?cmd="
 2 | inurl:".php?z="
 3 | inurl:".php?q="
 4 | inurl:".php?search="
 5 | inurl:".php?query="
 6 | inurl:".php?searchst­ring="
 7 | inurl:".php?keyword=­"
 8 | inurl:".php?file="
 9 | inurl:".php?years="
10 | inurl:".php?txt="
11 | inurl:".php?tag="
12 | inurl:".php?max="
13 | inurl:".php?from="
14 | inurl:".php?author="
15 | inurl:".php?pass="
16 | inurl:".php?feedback­="
17 | inurl:".php?mail="
18 | inurl:".php?cat="
19 | inurl:".php?vote="
20 | inurl:search.php?q=
21 | inurl:com_feedpostol­d/feedpost.php?url=
22 | inurl:scrapbook.php?­id=
23 | inurl:headersearch.p­hp?sid=
24 | inurl:/poll/­default.asp?catid=
25 | inurl:/search_results.php?search=


--------------------------------------------------------------------------------
/vuln.py:
--------------------------------------------------------------------------------
 1 | import sys
 2 | import urllib
 3 | import progressbar
 4 | def main():
 5 | 	vul=[]
 6 | 	fi=open(sys.argv[1],"r")
 7 | 	st=fi.read()
 8 | 	fi.close()
 9 | 	link=st.split("\n")
10 | 	i=1
11 | 	with progressbar.ProgressBar(max_value=len(link)) as bar:
12 | 		for s in link:
13 | 			try:
14 | 				if s:
15 | 					response=urllib.urlopen(s+"%27")
16 | 					res=response.read()
17 | 					if "error" in res:
18 | 						vul.append(s)
19 | 					bar.update(i)
20 | 					i=i+1
21 | 			except:
22 | 				i=i+1
23 | 	print str(len(vul))+" Websites Found Vulnerable"
24 | 	f2=open("SDSQLi.txt","w")
25 | 	for v in vul:
26 | 		print v
27 | 		f2.write(v+"\n")
28 | 	f2.close()
29 | 	print "\nSite List Saved With Filename: SDSQLi.txt"
30 | if __name__=="__main__":
31 | 	main()
32 | 


--------------------------------------------------------------------------------