├── .gitignore ├── LICENSE ├── README.md ├── google_hacking.py └── google_hacking3.py /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | *.egg-info/ 24 | .installed.cfg 25 | *.egg 26 | MANIFEST 27 | 28 | # PyInstaller 29 | # Usually these files are written by a python script from a template 30 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 31 | *.manifest 32 | *.spec 33 | 34 | # Installer logs 35 | pip-log.txt 36 | pip-delete-this-directory.txt 37 | 38 | # Unit test / coverage reports 39 | htmlcov/ 40 | .tox/ 41 | .coverage 42 | .coverage.* 43 | .cache 44 | nosetests.xml 45 | coverage.xml 46 | *.cover 47 | .hypothesis/ 48 | .pytest_cache/ 49 | 50 | # Translations 51 | *.mo 52 | *.pot 53 | 54 | # Django stuff: 55 | *.log 56 | local_settings.py 57 | db.sqlite3 58 | 59 | # Flask stuff: 60 | instance/ 61 | .webassets-cache 62 | 63 | # Scrapy stuff: 64 | .scrapy 65 | 66 | # Sphinx documentation 67 | docs/_build/ 68 | 69 | # PyBuilder 70 | target/ 71 | 72 | # Jupyter Notebook 73 | .ipynb_checkpoints 74 | 75 | # pyenv 76 | .python-version 77 | 78 | # celery beat schedule file 79 | celerybeat-schedule 80 | 81 | # SageMath parsed files 82 | *.sage.py 83 | 84 | # Environments 85 | .env 86 | .venv 87 | env/ 88 | venv/ 89 | ENV/ 90 | env.bak/ 91 | venv.bak/ 92 | 93 | # Spyder project settings 94 | .spyderproject 95 | .spyproject 96 | 97 | # Rope project settings 98 | .ropeproject 99 | 100 | # mkdocs documentation 101 | /site 102 | 103 | # mypy 104 | .mypy_cache/ 105 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Jerald Dale 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Google Hacking ![CI status](https://img.shields.io/badge/build-passing-brightgreen.svg) - [![MIT licensed](https://img.shields.io/badge/license-MIT-blue.svg)](https://opensource.org/licenses/MIT) - [![HitCount](http://hits.dwyl.io/cr4shcod3/google_hacking.svg)](http://hits.dwyl.io/cr4shcod3/google_hacking) 2 | 3 | > "Google Hacking, also named Google dorking, is a computer hacking technique that uses Google Search and other Google Applications to find security holes in the configuration and computer code that websites use." 4 | 5 | ## Getting Started 6 | > Please ensure to have Python 2 or Python 3 in your system. Install the required dependencies to run the script. 7 | 8 | ## Installation 9 | 10 | ### Requirements 11 | 12 | * Python 2 13 | * or 14 | * Python 3 15 | 16 | ### Installing 17 | 18 | `$ pip install requests` 19 | 20 | ### Usage 21 | `$ python google_hacking.py http://example.com` 22 | 23 | OR 24 | 25 | ``` 26 | $ python google_hacking.py 27 | URL: http://example.com 28 | ``` 29 | 30 | ## Build With 31 | * [Requests](https://github.com/requests/requests) 32 | 33 | ## Contributing 34 | Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change. 35 | Please make sure to update tests as appropriate. 36 | 37 | ## Authors 38 | * [Cr4sHCoD3](https://www.facebook.com/cr4shcod3.py) - Google Hacking 39 | 40 | ## License 41 | This project is licensed under the [MIT License](https://choosealicense.com/licenses/mit) - see the LICENSE file for details. You can do whatever you want. This is just a practice. 42 | -------------------------------------------------------------------------------- /google_hacking.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding: utf-8 -*- 3 | """ 4 | Script Created By: 5 | Cr4sHCoD3 6 | Copyrights: 7 | Cr4sHCoD3 2018 8 | Special Mentions: 9 | PureHackers PH 10 | Blood Security Hackers 11 | """ 12 | 13 | 14 | 15 | import os 16 | import sys 17 | import platform 18 | import webbrowser 19 | import requests 20 | 21 | 22 | 23 | def clear(): 24 | if platform.system() == 'Linux': 25 | os.system('clear') 26 | elif platform.system() == 'Windows': 27 | os.system('cls') 28 | elif platform.system() == 'Darwin': 29 | os.system('clear') 30 | else: 31 | os.system('clear') 32 | 33 | 34 | 35 | def banner(): 36 | if platform.system() == 'Windows': 37 | print (""" 38 | o-o o o o o o-o o--o 39 | o | | | | / o | \ | | 40 | | -o o-o o-o o--o | o-o O--O oo o-o OO o-o o--o | O O--o 41 | o | | | | | | | | |-' | | | | | | \ | | | | | | / | | 42 | o-o o-o o-o o--O o o-o o o o-o- o-o o o | o o o--O o-o o--o 43 | | | 44 | o--o o--o 45 | 46 | Created By: Cr4sHCoD3 [ PureHackers | Blood Security Hackers ] 47 | Github: https://github.com/cr4shcod3 48 | """) 49 | elif platform.system() == 'Linux' or platform.system() == 'Darwin': 50 | print (""" 51 | o-o o o o o o-o o--o 52 | o | | | | / o | \ | | 53 | | -o o-o o-o o--o | o-o O--O oo o-o OO o-o o--o | O O--o 54 | o | | | | | | | | |-' | | | | | | \ | | | | | | / | | 55 | o-o o-o o-o o--O o o-o o o o-o- o-o o o | o o o--O o-o o--o 56 | | | 57 | o--o o--o 58 | 59 | Created By: Cr4sHCoD3 [ PureHackers | Blood Security Hackers ] 60 | Github: https://github.com/cr4shcod3 61 | """) 62 | else: 63 | print (""" 64 | o-o o o o o o-o o--o 65 | o | | | | / o | \ | | 66 | | -o o-o o-o o--o | o-o O--O oo o-o OO o-o o--o | O O--o 67 | o | | | | | | | | |-' | | | | | | \ | | | | | | / | | 68 | o-o o-o o-o o--O o o-o o o o-o- o-o o o | o o o--O o-o o--o 69 | | | 70 | o--o o--o 71 | 72 | Created By: Cr4sHCoD3 [ PureHackers | Blood Security Hackers ] 73 | Github: https://github.com/cr4shcod3 74 | """) 75 | 76 | 77 | 78 | def main(): 79 | clear() 80 | banner() 81 | print (""" 82 | [ Google Hacking Menu ] 83 | \t01) Directory Listing 84 | \t02) Configuration Files 85 | \t03) Database Files 86 | \t04) Log Files 87 | \t05) Backup and Old Files 88 | \t06) Login Pages 89 | \t07) SQL Errors 90 | \t08) Publicly Exposed Documents 91 | \t09) phpinfo() 92 | \t10) Google Hacking Database 93 | \t99) Exit 94 | \tOR) CTRL + C 95 | """) 96 | try: 97 | choice = int(raw_input('Google_Hacking: ')) 98 | except ValueError: 99 | print ('[+] - Please enter a valid integer.') 100 | main() 101 | except EOFError: 102 | print ('\n[+] - Exiting.') 103 | sys.exit() 104 | except KeyboardInterrupt: 105 | print ('\n[+] - Exiting.') 106 | sys.exit() 107 | if choice == 1 or choice == 01: 108 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+intitle:index.of') 109 | main() 110 | elif choice == 2 or choice == 02: 111 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:xml+|+ext:conf+|+ext:cnf+|+ext:reg+|+ext:inf+|+ext:rdp+|+ext:cfg+|+ext:txt+|+ext:ora+|+ext:ini') 112 | main() 113 | elif choice == 3 or choice == 03: 114 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:sql+|+ext:dbf+|+ext:mdb') 115 | main() 116 | elif choice == 4 or choice == 04: 117 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:log') 118 | main() 119 | elif choice == 5 or choice == 05: 120 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:bkf+|+ext:bkp+|+ext:bak+|+ext:old+|+ext:backup') 121 | main() 122 | elif choice == 6 or choice == 06: 123 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+inurl:login | admin | user | cpanel | account | moderator | /cp') 124 | main() 125 | elif choice == 7 or choice == 07: 126 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+intext:"sql+syntax+near"+|+intext:"syntax+error+has+occurred"+|+intext:"incorrect+syntax+near"+|+intext:"unexpected+end+of+SQL+command"+|+intext:"Warning:+mysql_connect()"+|+intext:"Warning:+mysql_query()"+|+intext:"Warning:+pg_connect()"') 127 | main() 128 | elif choice == 8: 129 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:doc+|+ext:docx+|+ext:odt+|+ext:pdf+|+ext:rtf+|+ext:sxw+|+ext:psw+|+ext:ppt+|+ext:pptx+|+ext:pps+|+ext:csv') 130 | main() 131 | elif choice == 9: 132 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:php+intitle:phpinfo+"published+by+the+PHP+Group"') 133 | main() 134 | elif choice == 10 or choice == 10: 135 | webbrowser.open_new_tab('https://www.exploit-db.com/google-hacking-database/') 136 | elif choice == 99: 137 | print ('\n[+] - Exiting.') 138 | sys.exit() 139 | else: 140 | print ('[!] - Unknown error has occured.') 141 | main() 142 | 143 | 144 | 145 | if __name__ == '__main__': 146 | clear(); banner() 147 | print ('\n[#] - Checking Modules...') 148 | try: 149 | import requests 150 | print ('[+] - requests == OK!') 151 | except ImportError: 152 | raise ImportError('\n[!] - requests == NOT OK!') 153 | print ('\n[#] - Checking URL...') 154 | try: 155 | url = sys.argv[1] 156 | print ('[+] - URL == OK!') 157 | print ('URL: ' + url) 158 | except IndexError: 159 | print ('[!] - URL == NOT OK!') 160 | url = str(raw_input('URL: ')) 161 | if 'http://' not in url: 162 | hostname = url 163 | print ('[+] - URL == Adding http://') 164 | url = ('http://' + url) 165 | print ('URL: ' + url) 166 | elif 'http://' in url: 167 | hostname = url.replace('http://', '') 168 | url = url 169 | print ('[+] - Search Engine == SET!') 170 | google_hacking = 'https://www.google.com/search?q=' 171 | main() 172 | -------------------------------------------------------------------------------- /google_hacking3.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding: utf-8 -*- 3 | """ 4 | Script Created By: 5 | Cr4sHCoD3 6 | Copyrights: 7 | Cr4sHCoD3 2018 8 | Special Mentions: 9 | PureHackers PH 10 | Blood Security Hackers 11 | """ 12 | 13 | 14 | 15 | import os 16 | import sys 17 | import platform 18 | import webbrowser 19 | import requests 20 | 21 | 22 | 23 | def clear(): 24 | if platform.system() == 'Linux': 25 | os.system('clear') 26 | elif platform.system() == 'Windows': 27 | os.system('cls') 28 | elif platform.system() == 'Darwin': 29 | os.system('clear') 30 | else: 31 | os.system('clear') 32 | 33 | 34 | 35 | def banner(): 36 | if platform.system() == 'Windows': 37 | print (""" 38 | o-o o o o o o-o o--o 39 | o | | | | / o | \ | | 40 | | -o o-o o-o o--o | o-o O--O oo o-o OO o-o o--o | O O--o 41 | o | | | | | | | | |-' | | | | | | \ | | | | | | / | | 42 | o-o o-o o-o o--O o o-o o o o-o- o-o o o | o o o--O o-o o--o 43 | | | 44 | o--o o--o 45 | 46 | Created By: Cr4sHCoD3 [ PureHackers | Blood Security Hackers ] 47 | Github: https://github.com/cr4shcod3 48 | """) 49 | elif platform.system() == 'Linux' or platform.system() == 'Darwin': 50 | print (""" 51 | o-o o o o o o-o o--o 52 | o | | | | / o | \ | | 53 | | -o o-o o-o o--o | o-o O--O oo o-o OO o-o o--o | O O--o 54 | o | | | | | | | | |-' | | | | | | \ | | | | | | / | | 55 | o-o o-o o-o o--O o o-o o o o-o- o-o o o | o o o--O o-o o--o 56 | | | 57 | o--o o--o 58 | 59 | Created By: Cr4sHCoD3 [ PureHackers | Blood Security Hackers ] 60 | Github: https://github.com/cr4shcod3 61 | """) 62 | else: 63 | print (""" 64 | o-o o o o o o-o o--o 65 | o | | | | / o | \ | | 66 | | -o o-o o-o o--o | o-o O--O oo o-o OO o-o o--o | O O--o 67 | o | | | | | | | | |-' | | | | | | \ | | | | | | / | | 68 | o-o o-o o-o o--O o o-o o o o-o- o-o o o | o o o--O o-o o--o 69 | | | 70 | o--o o--o 71 | 72 | Created By: Cr4sHCoD3 [ PureHackers | Blood Security Hackers ] 73 | Github: https://github.com/cr4shcod3 74 | """) 75 | 76 | 77 | 78 | def main(): 79 | clear() 80 | banner() 81 | print (""" 82 | [ Google Hacking Menu ] 83 | \t01) Directory Listing 84 | \t02) Configuration Files 85 | \t03) Database Files 86 | \t04) Log Files 87 | \t05) Backup and Old Files 88 | \t06) Login Pages 89 | \t07) SQL Errors 90 | \t08) Publicly Exposed Documents 91 | \t09) phpinfo() 92 | \t10) Google Hacking Database 93 | \t99) Exit 94 | \tOR) CTRL + C 95 | """) 96 | try: 97 | choice = int(input('Google_Hacking: ')) 98 | except ValueError: 99 | print ('[+] - Please enter a valid integer.') 100 | main() 101 | except EOFError: 102 | print ('\n[+] - Exiting.') 103 | sys.exit() 104 | except KeyboardInterrupt: 105 | print ('\n[+] - Exiting.') 106 | sys.exit() 107 | if choice == 1: 108 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+intitle:index.of') 109 | main() 110 | elif choice == 2: 111 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:xml+|+ext:conf+|+ext:cnf+|+ext:reg+|+ext:inf+|+ext:rdp+|+ext:cfg+|+ext:txt+|+ext:ora+|+ext:ini') 112 | main() 113 | elif choice == 3: 114 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:sql+|+ext:dbf+|+ext:mdb') 115 | main() 116 | elif choice == 4: 117 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:log') 118 | main() 119 | elif choice == 5: 120 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:bkf+|+ext:bkp+|+ext:bak+|+ext:old+|+ext:backup') 121 | main() 122 | elif choice == 6: 123 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+inurl:login | admin | user | cpanel | account | moderator | /cp') 124 | main() 125 | elif choice == 7: 126 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+intext:"sql+syntax+near"+|+intext:"syntax+error+has+occurred"+|+intext:"incorrect+syntax+near"+|+intext:"unexpected+end+of+SQL+command"+|+intext:"Warning:+mysql_connect()"+|+intext:"Warning:+mysql_query()"+|+intext:"Warning:+pg_connect()"') 127 | main() 128 | elif choice == 8: 129 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:doc+|+ext:docx+|+ext:odt+|+ext:pdf+|+ext:rtf+|+ext:sxw+|+ext:psw+|+ext:ppt+|+ext:pptx+|+ext:pps+|+ext:csv') 130 | main() 131 | elif choice == 9: 132 | webbrowser.open_new_tab(google_hacking + 'site:' + url + '+ext:php+intitle:phpinfo+"published+by+the+PHP+Group"') 133 | main() 134 | elif choice == 10: 135 | webbrowser.open_new_tab('https://www.exploit-db.com/google-hacking-database/') 136 | elif choice == 99: 137 | print ('\n[+] - Exiting.') 138 | sys.exit() 139 | else: 140 | print ('[!] - Unknown error has occured.') 141 | main() 142 | 143 | 144 | 145 | if __name__ == '__main__': 146 | clear(); banner() 147 | print ('\n[#] - Checking Modules...') 148 | try: 149 | import requests 150 | print ('[+] - requests == OK!') 151 | except ImportError: 152 | raise ImportError('\n[!] - requests == NOT OK!') 153 | print ('\n[#] - Checking URL...') 154 | try: 155 | url = sys.argv[1] 156 | print ('[+] - URL == OK!') 157 | print ('URL: ' + url) 158 | except IndexError: 159 | print ('[!] - URL == NOT OK!') 160 | url = str(input('URL: ')) 161 | if 'http://' not in url: 162 | hostname = url 163 | print ('[+] - URL == Adding http://') 164 | url = ('http://' + url) 165 | print ('URL: ' + url) 166 | elif 'http://' in url: 167 | hostname = url.replace('http://', '') 168 | url = url 169 | print ('[+] - Search Engine == SET!') 170 | google_hacking = 'https://www.google.com/search?q=' 171 | main() 172 | --------------------------------------------------------------------------------