# clone the repo $ git clone https://github.com/sdushantha/dora.git
# change the working directory to sherlock $ cd dora
# install dora $ python3 setup.py install --user
Usage
<div class="highlight highlight-text-shell-session position-relative overflow-auto" data-snippet-clipboard-copy-content="$ dora –help usage: dora [options] positional arguments: PATH Path to directory or file to scan optional arguments: -h, –help show this help message and exit –rg-path RG_PATH Specify path to ripgrep –rg-arguments RG_ARGUMENTS Arguments you want to provide to ripgrep –json JSON Load regex data from a valid JSON file (default: db/data.json) –verbose, -v, –debug, -d Display extra debugging information –no-color Don’t show color in terminal output”>
$ dora --help usage: dora [options]
positional arguments: PATH Path to directory or file to scan
optional arguments: -h, --help show this help message and exit --rg-path RG_PATH Specify path to ripgrep --rg-arguments RG_ARGUMENTS Arguments you want to provide to ripgrep --json JSON Load regex data from a valid JSON file (default: db/data.json) --verbose, -v, --debug, -d Display extra debugging information --no-color Don't show color in terminal output
Example Use Cases
Decompile an APK using apktool and run dora to find exposed API keys
Scan GitHub repos by cloning it and allowing dora to scan it
While scraping sites, run dora to scan for API keys
Contributing
You are more than welcome to contribute in one of the following ways:
Add or improve the info in the JSON data for an API key to better help the user getting a valid bug bounty report when reporting an API key they have found