dorkbot is a modular command-line tool for performing vulnerability scans against a set of webpages returned by Google search queries in a given Google Custom Search Engine. It is broken up into two sets of modules:
google
Search for targets in a Google Custom Search Engine (CSE) via custom search element.
Requirements: PhantomJS
Options:
engine - CSE id
query - search query
phantomjs_dir - phantomjs base directory containing bin/phantomjs (default: tools/phantomjs/)
domain - limit searches to specified domain
google_api
Search for targets in a Google Custom Search Engine (CSE) via JSON API.
Requirements: none
Options:
key - API key
engine - CSE id
query - search query
domain - limit searches to specified domain
stdin
Read targets from standard input, one per line.
Requirements: none
Options: none
Scanner Modules
arachni
Scan targets with Arachni command-line scanner.
Requirements: Arachni
Options:
arachni_dir - arachni base directory containing bin/arachni and bin/arachni_reporter (default: tools/arachni/)
report_dir - directory to save arachni scan binary and JSON scan report output (default: reports/)
checks - which vulnerability checks to perform (default: active/*,-csrf,-unvalidated_redirect,-source_code_disclosure,-response_splitting,-no_sql_injection_differential
wapiti
Scan targets with Wapiti command-line scanner.
Requirements: Wapiti
Options:
wapiti_dir - wapiti base directory containing bin/wapiti (default: tools/wapiti/)
report_dir - directory to save wapiti JSON scan report (default: reports/)
- Indexers - modules that issue a search query and return the results as targets
- Scanners - modules that perform a vulnerability scan against each target
Quickstart
- Download PhantomJS and either Arachni or Wapiti for your platform, and make sure you have installed any required dependencies for each.
- Extract each tool into the tools directory and rename the directory after the tool (dorkbot/tools/phantomjs/, dorkbot/tools/arachni/, etc).
- Create a Google Custom Search Engine and note the search engine ID, e.g. 012345678901234567891:abc12defg3h.
- Install python-dateutil (e.g.: pip install python-dateutil)
python ./dorkbot.py -i google -o engine=012345678901234567891:abc12defg3h,query="filetype:php inurl:id" -s arachniIndexer Modules
Requirements: PhantomJS
Options:
engine - CSE id
query - search query
phantomjs_dir - phantomjs base directory containing bin/phantomjs (default: tools/phantomjs/)
domain - limit searches to specified domain
google_api
Search for targets in a Google Custom Search Engine (CSE) via JSON API.
Requirements: none
Options:
key - API key
engine - CSE id
query - search query
domain - limit searches to specified domain
stdin
Read targets from standard input, one per line.
Requirements: none
Options: none
Scanner Modules
arachni
Scan targets with Arachni command-line scanner.
Requirements: Arachni
Options:
arachni_dir - arachni base directory containing bin/arachni and bin/arachni_reporter (default: tools/arachni/)
report_dir - directory to save arachni scan binary and JSON scan report output (default: reports/)
checks - which vulnerability checks to perform (default: active/*,-csrf,-unvalidated_redirect,-source_code_disclosure,-response_splitting,-no_sql_injection_differential
wapiti
Scan targets with Wapiti command-line scanner.
Requirements: Wapiti
Options:
wapiti_dir - wapiti base directory containing bin/wapiti (default: tools/wapiti/)
report_dir - directory to save wapiti JSON scan report (default: reports/)
