SickNerd aims to slowly enumerate Google Dorks via the googlesearch API then requests found pages for metadata

Related tags

Third-party APIs Wrappersosintgoogledork
Overview

SickNerd

CLI tool for making Google Dorking a passive recon experience. SickNerd aims to slowly enumerate Google Dorks via the googlesearch API then requests found pages for metadata. By default it sleeps between queries, randomizes user-agent, retries 429 and failed requests recursively, and prints output after each query. Validation requests can be done after to grab metadata.

SickNerd comes with a default list of dorks aimed at finding sensitive files but accepts input files and can fetch dorks from GHDB. Dorks taken from GHDB can be filtered down by tags and year of creation. Multiple domains can be dorked at once and dorks are run at random.

Getting Started

Usage

sicknerd.py -h

usage: sicknerd.py [-h] [-i INPUT] [-o OUTPUT] [-f FETCH | -d DORKS] [-p] [-q]
                   [-y YEARS] [-m MAX]

CLI tool for making Google Dorking a passive recon experience

optional arguments:
  -h, --help            show this help message and exit
  -i INPUT, --input INPUT
                        Input list of domains (no subdomains).
  -o OUTPUT, --output OUTPUT
                        Prints CSV files to directory. The default is cwd.
  -f FETCH, --fetch FETCH
                        Fetches lists of dorks from GHDB. Accepts one of the
                        following: all, footholds, dir, web, files, servers,
                        errors, juicy, passwords, shopping, login, devices,
                        vulns (optional)
  -d DORKS, --dorks DORKS
                        List of Dorks to test (optional)
  -p, --passive         Skip the validation requests and only do passive
                        checks.
  -q, --quiet           Hides banner
  -y YEARS, --years YEARS
                        Number of years to fetch dorks from. Default is 2.
  -m MAX, --max MAX     Max number of results per query. Default is 30.

Process finished with exit code 0

Take a list of domains and google dork them.

sicknerd.py -i domains.txt

cat domains.txt | sicknerd.py

Skip requesting each URL and only do passive checks.

cat domains.txt | sicknerd.py -p

Use another list of dorks instead of the defaults

cat domains.txt | sicknerd.py -d dorks.txt

Only do passive checks, use another list of dorks, and change output directory

sicknerd.py -i domains.txt -d dorks.txt -p -o ./dork-out/
.▄▄ · ▪   ▄▄· ▄ •▄  ▐ ▄ ▄▄▄ .▄▄▄  ·▄▄▄▄  
▐█ ▀. ██ ▐█ ▌▪█▌▄▌▪•█▌▐█▀▄.▀·▀▄ █·██▪ ██ 
▄▀▀▀█▄▐█·██ ▄▄▐▀▀▄·▐█▐▐▌▐▀▀▪▄▐▀▀▄ ▐█· ▐█▌
▐█▄▪▐█▐█▌▐███▌▐█.█▌██▐█▌▐█▄▄▌▐█•█▌██. ██ 
 ▀▀▀▀ ▀▀▀·▀▀▀ ·▀  ▀▀▀ █▪ ▀▀▀ .▀  ▀▀▀▀▀▀• 
Loaded 3 dorks...
[*] Starting searches...
Max 30 results per query
Found 3 results from site:apple.com filetype:txt
Found 1 results from site:cia.gov filetype:txt
Found 1 results from site:fbi.gov filetype:txt
Found 30 results from site:apple.com inurl:admin
Found 0 results from site:cia.gov inurl:admin
Found 0 results from site:fbi.gov inurl:admin
Found 30 results from site:apple.com filetype:pdf
Found 30 results from site:cia.gov filetype:pdf
Found 30 results from site:fbi.gov filetype:pdf
Found 0 results from site:apple.com db_password filetype:env
Found 0 results from site:cia.gov db_password filetype:env
Found 0 results from site:fbi.gov db_password filetype:env
[*] Validating results...
Writing 125 results to file

Fetch dorks from Google Hacking Database and run vuln dorks from the past two years with max 20 results per query.

sicknerd.py -i urls.txt -f vulns -y 2 -m 20
.▄▄ · ▪   ▄▄· ▄ •▄  ▐ ▄ ▄▄▄ .▄▄▄  ·▄▄▄▄  
▐█ ▀. ██ ▐█ ▌▪█▌▄▌▪•█▌▐█▀▄.▀·▀▄ █·██▪ ██ 
▄▀▀▀█▄▐█·██ ▄▄▐▀▀▄·▐█▐▐▌▐▀▀▪▄▐▀▀▄ ▐█· ▐█▌
▐█▄▪▐█▐█▌▐███▌▐█.█▌██▐█▌▐█▄▄▌▐█•█▌██. ██ 
 ▀▀▀▀ ▀▀▀·▀▀▀ ·▀  ▀▀▀ █▪ ▀▀▀ .▀  ▀▀▀▀▀▀• 
Requesting data from https://www.exploit-db.com/google-hacking-database...
Searching for vulns dorks from the past 2 years...
Loaded 214 dorks...
[*] Starting searches...
Max 20 results per query
Found 0 results from site:apple.com inurl:wp-content/plugins/final-tiles-grid-gallery-lite
Found 0 results from site:cia.gov inurl:wp-content/plugins/final-tiles-grid-gallery-lite
Found 0 results from site:fbi.gov inurl:wp-content/plugins/final-tiles-grid-gallery-lite
[*] CTRL + C pressed! Starting validation then writing output...
[*] Validating results...
Writing 0 results to file
Writing 0 results to file

Install

SickNerd works on Windows and *Nix systems and requires Python.

git clone 

pip install -r requirements.txt

Output

The -o flag is used to direct the CSV output file to a directory. Output file is comma seperated.

cat sicknerd-output.csv | csvtomd

sicknerd-output.csv

QUERY URL HTTP CODE TITLE CONTENT LENGTH
Dork searched URL result from Dork HTTP Code of request HTTP Title Content length of HTTP request

*HTTP CODE, TITLE, and CONTENT LENGTH are only available if passive is disabled (default)

You might also like...
Token-gate Notion pages

This is a Next.js project bootstrapped with create-next-app. Getting Started First, run the development server: npm run dev # or yarn dev Open http://

John 8 Oct 13, 2022
Easily report Instagram pages and close the page
Easily report Instagram pages and close the page

Program Features - 📌 Delete target post on Instagram. - 📌 Delete Media Target post on Instagram - 📌 Complete deletion of the target account on Inst

hack4lx 11 Nov 25, 2022
A bot framework for Reddit to manage threads, wiki pages, widgets, menus and more.

Sub Manager Sub Manager is a bot framework for Reddit to automate a variety of tasks on one or more subreddits, and can be configured and run without

r/SpaceX 3 Aug 26, 2022
A small Python app to create Notion pages from Jira issues
A small Python app to create Notion pages from Jira issues

Jira to Notion This little program will capture a Jira issue and create a corresponding Notion subpage. Mac users can fetch the current issue from the

Dr. Kerem Koseoglu 12 Oct 27, 2022
The Sue Gray Alert System was a 5 minute project that just beeps every time a new article is updated or published on Gov.UK's news pages.

The Sue Gray Alert System was a 5 minute project that just beeps every time a new article is updated or published on Gov.UK's news pages.

Dafydd 1 Jan 31, 2022
google-resumable-media Apache-2google-resumable-media (🥉28 · ⭐ 27) - Utilities for Google Media Downloads and Resumable.. Apache-2

google-resumable-media Utilities for Google Media Downloads and Resumable Uploads See the docs for examples and usage. Experimental asyncio Support Wh

Google APIs 36 Nov 22, 2022
An attendance bot that joins google meet automatically according to schedule and marks present in the google meet.
An attendance bot that joins google meet automatically according to schedule and marks present in the google meet.

Google-meet-self-attendance-bot An attendance bot which joins google meet automatically according to schedule and marks present in the google meet. I

Sarvesh Wadi 12 Sep 20, 2022
Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram
Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram

covert-control Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram using Python to create the files and the lis

Ricardo Ruiz 52 Dec 6, 2022
Google scholar share - Simple python script to pull Google Scholar data from an author's profile

google_scholar_share Simple python script to pull Google Scholar data from an au

Paul Goldsmith-Pinkham 9 Sep 15, 2022
Releases(v1.0)
Owner
Jake Wnuk
Penetration Tester
Jake Wnuk
GitHub Repository
Senexia - A powerful telegram bot to manage your groups as effectively as possible

⚡ Kenechi bot ⚡ A Powerful, Smart And Simple Group Manager ... Written with AioG

Akhi 2 Jan 11, 2022
Cyber Userbot

Cyber Userbot

Irham 0 May 26, 2022
An enhanced discord.py, based off of the now-archived discord.py project

enhanced-discord.py A modern, maintained, easy to use, feature-rich, and async ready API wrapper for Discord written in Python. The Future of enhanced

Devision 2 Dec 21, 2022
This is new discord nitro generator for discord

Hello! This is new discord nitro generator for discord. If you want use it, To generator i added checker for no seraching generator and checker. This tool maked by .

ItzBolt 1 Jan 16, 2022
Community-based extensions for the python-telegram-bot library.

Community-based extensions for the python-telegram-bot library. Table of contents Introduction Installing Getting help Contributing License Introducti

74 Dec 24, 2022
Apprise - Push Notifications that work with just about every platform!

ap·prise / verb To inform or tell (someone). To make one aware of something. Apprise allows you to send a notification to almost all of the most popul

Chris Caron 7.2k Jan 07, 2023
A simple Discord Mass Dm with Scraper

Python-Mass-DM A simple Discord Mass Dm with Scraper If Member Scraper in Taliban.py doesn't work. You can DM me cuz that scraper is for tokens that g

RyanzSantos 4 Sep 02, 2022
A way to export your saved reddit posts to a Notion table.

reddit-saved-to-notion A way to export your saved reddit posts and comments to a Notion table.Uses notion-sdk-py and praw for interacting with Notion

19 Sep 12, 2022
A Telegram bot to index Chinese and Japanese group contents, works with @lilydjwg/luoxu.

luoxu-bot luoxu-bot 是类似于 luoxu-web 的 CJK 友好的 Telegram Bot,依赖于 luoxu 所创建的后端。 测试环境 Python 3.7.9 pip 21.1.2 开发中使用到的 Telethon 需要 Python 3+ 配置 前往 luoxu 根据相

TigerBeanst 10 Nov 18, 2022
Please Do Not Throw Sausage Pizza Away - Side Scrolling Up The OSI Stack

Please Do Not Throw Sausage Pizza Away - Side Scrolling Up The OSI Stack

John Capobianco 2 Jan 25, 2022
A python library for building user interfaces in discord.

blurple.py A front-end framework for discord.py Blurple.py is a framework built on top of discord.py, giving you the tools you need to build discord b

4 Oct 25, 2021
1.本项目采用Python Flask框架开发提供(应用管理,实例管理,Ansible管理,LDAP管理等相关功能)

op-devops-api 1.本项目采用Python Flask框架开发提供(应用管理,实例管理,Ansible管理,LDAP管理等相关功能) 后端项目配套前端项目为:op-devops-ui jenkinsManager 一.插件python-jenkins bug修复 (1).插件版本 pyt

3 Nov 12, 2021
Neko: An Anime themed advance Telegram group management bot

𝑪𝒖𝒕𝒊𝒆𝒑𝒊𝒊 𝑹𝒐𝒃𝒐𝒕 A modular telegram Python bot running on python3 wit

「 Rajkumar™ 」 39 Jan 08, 2023
With this program you can work English & Turkish

1 - How Can I Work This? You must have Python compilers in order to run this program. First of all, download the compiler in the link. Compiler 2 - Do

Mustafa Bahadır Doğrusöz 3 Aug 07, 2021
A napari plugin for visualising and interacting with electron cryotomograms

napari-subboxer A napari plugin for visualising and interacting with electron cryotomograms. Installation You can install napari-subboxer via pip: pip

3 Nov 25, 2021
可基于【腾讯云函数】/【GitHub Actions】/【Docker】的每日签到脚本(支持多账号使用)签到列表: |爱奇艺|全民K歌|腾讯视频|有道云笔记|网易云音乐|一加手机社区官方论坛|百度贴吧|Bilibili|V2EX|咔叽网单|什么值得买|AcFun|天翼云盘|WPS|吾爱破解|芒果TV|联通营业厅|Fa米家|小米运动|百度搜索资源平台|每日天气预报|每日一句|哔咔漫画|和彩云|智友邦|微博|CSDN|王者营地|

每日签到集合 基于【腾讯云函数】/【GitHub Actions】/【Docker】的每日签到脚本 支持多账号使用 特别声明: 本仓库发布的脚本及其中涉及的任何解锁和解密分析脚本,仅用于测试和学习研究,禁止用于商业用途,不能保证其合法性,准确性,完整性和有效性,请根据情况自行判断。

87 Nov 12, 2022
Zaid Vc Player Allows u to steam Songs/music on vc chat

ᴢᴀɪᴅ ᴠᴄ ᴘʟᴀʏᴇʀ 🔥 SORRY FOR OUR PROJECTS DELETED BY GITHUB FLAGGED ᴢᴀɪᴅ ᴠᴄ ᴘʟᴀᴇʀ ɪꜱ ᴀ ᴛᴇʟᴇɢʀᴀᴍ ᴘʀᴏᴊᴇᴄᴛ ʙᴀꜱᴇᴅ ᴏɴ ᴘʏʀᴏɢʀᴀᴍ ꜰᴏʀ ᴘʟᴀʏ ᴍᴜꜱɪᴄꜱ ɪɴ ᴠᴄ ᴄʜᴀᴛꜱ..

Zaid 117 Dec 29, 2022
Easy to use API Wrapper for somerandomapi.ml.

Overview somerandomapi is an API Wrapper for some-random-api.ml Examples Asynchronous from somerandomapi import Animal import asyncio async def main

Myxi 1 Dec 31, 2021
Sentiment Analysis web app using Streamlit - American Airlines Tweets

Analyse des sentiments à partir des Tweets L'application est développée par Streamlit L'analyse sentimentale est effectuée sur l'ensemble de données d

Abida Hassan 2 Feb 04, 2022
MashaRobot : New Generation Telegram Group Manager Bot (🔸Fast 🔸Python🔸Pyrogram 🔸Telethon 🔸Mongo db )

MashaRobot Me On Telegram ✨ MASHA ✨ This is just a demo bot.. Don't try to add to your group.. Create your own bot How To Host The easiest way to depl

Mr Dark Prince 40 Oct 09, 2022