Github dorking tool with python

Supply a list of dorks and, optionally, one of the following:

  • a user (-u)
  • a file with a list of users (-uf)
  • an organization (-org)
  • a file with a list of organizations (-of)
  • a repo (-r)

You can also pass:

  • an output directory to store results (-o)
  • a filename to store valid items, if your users or org file may contain nonexistent users/orgs (-vif)

All input files (dorks, users, or orgs) should be newline-separated.

techguan’s github-dorks.txt for ideas.

If an output directory is specified, a file will be created for
each dork in the dorks list, and results will be saved there as well as printed. Only use an empty/nonexistent
directory or it will be cleared and its contents replaced.

If your users or orgs files haven’t already been filtered to remove non-existent users/orgs or those without any public
code, it’s highly recommended that you pass in a --valid-items-filename (-vif). This will filter out any invalid
users/orgs when searching for the first dork, and avoid searching against them for subsequent dorks. The output file
can also then be used as the input users/orgs file to speed up later script runs.

Example usage:

python -d dorks.txt                                       # Basic usage
python -d dorks.txt -u molly                              # Search repos of a specific user
python -d dorks.txt -uf users.txt                         # Search repos of all users in the list
python -d dorks.txt -uf users.txt -vif valid_users.txt    # Search repos of all users in the list, filtering out nonexistent users
python -d dorks.txt -org github                           # Search repos of a specific organization
python -d dorks.txt -org github -vif valid_orgs.txt       # Search repos of a specific organization, filtering out nonexistent orgs
python -d dorks.txt -of orgs.txt                          # Search repos of all orgs in the list
python -d dorks.txt -r molly/gh-dork                      # Search the specified repo
python -d dorks.txt -o results                            # Store results in files in the results/ directory, *overwriting any directory contents*

much lower rate limits for unauthenticated users.



View Github

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GIPHY App Key not set. Please check settings

Samsung Galaxy S22 Series Battery Specs Revealed

Heron Data — Better transaction data for fintechs serving SMBs