dokrscout is a tool to automate the finding of vulnerable applications or secret files around the internet throught google searches, dorkscout first starts by fetching the dorks lists from https://www.exploit-db.com/google-hacking-database and then it scans a given target or everything it founds
Installation
dorkscout can be installed in different ways:
Go Packages
throught Golang Packages (golang package manager)
go get github.com/R4yGM/dorkscout
this will work for every platform
Docker
if you don’t have docker installed you can follow their guide
first of all you have to pull the docker image (only 17.21 MB) from the docker registry, you can see it here, if you don’t want to pull the image you can also clone the repository and then build the image from the Dockerfile
docker pull r4yan/dorkscout:latest
if you don’t want to pull the image you can download or copy the dorkscout Dockerfile that can be found here and then build the image from the Dockerfile
then if you want to launch the container you have to first create a volume to share your files to the container
docker volume create --name dorkscout_data
using docker when you launch the container it will automatically install the dork lists inside a directory called “dorkscout” :
<div class="highlight highlight-source-shell position-relative overflow-auto" data-snippet-clipboard-copy-content="-rw-r–r– 1 r4yan r4yan 110 Jul 31 14:56 .dorkscout
-rw-r–r– 1 r4yan r4yan 79312 Aug 10 20:30 'Advisories and Vulnerabilities.dorkscout'
-rw-r–r– 1 r4yan r4yan 6352 Jul 31 14:56 'Error Messages.dorkscout'
-rw-r–r– 1 r4yan r4yan 38448 Jul 31 14:56 'Files Containing Juicy Info.dorkscout'
-rw-r–r– 1 r4yan r4yan 17110 Jul 31 14:56 'Files Containing Passwords.dorkscout'
-rw-r–r– 1 r4yan r4yan 1879 Jul 31 14:56 'Files Containing Usernames.dorkscout'
-rw-r–r– 1 r4yan r4yan 5398 Jul 31 14:56 Footholds.dorkscout
-rw-r–r– 1 r4yan r4yan 5568 Jul 31 14:56 'Network or Vulnerability Data.dorkscout’
-rw-r–r– 1 r4yan r4yan 49048 Jul 31 14:56 ‘Pages Containing Login Portals.dorkscout’
-rw-r–r– 1 r4yan r4yan 16112 Jul 31 14:56 ‘Sensitive Directories.dorkscout’
-rw-r–r– 1 r4yan r4yan 451 Jul 31 14:56 ‘Sensitive Online Shopping Info.dorkscout’
-rw-r–r– 1 r4yan r4yan 29938 Jul 31 14:56 ‘Various Online Devices.dorkscout’
-rw-r–r– 1 r4yan r4yan 2802 Jul 31 14:56 ‘Vulnerable Files.dorkscout’
-rw-r–r– 1 r4yan r4yan 4925 Jul 31 14:56 ‘Vulnerable Servers.dorkscout’
-rw-r–r– 1 r4yan r4yan 8145 Jul 31 14:56 ‘Web Server Detection.dorkscout’ “>
-rw-r--r-- 1 r4yan r4yan 110 Jul 31 14:56 .dorkscout
-rw-r--r-- 1 r4yan r4yan 79312 Aug 10 20:30 'Advisories and Vulnerabilities.dorkscout'
-rw-r--r-- 1 r4yan r4yan 6352 Jul 31 14:56 'Error Messages.dorkscout'
-rw-r--r-- 1 r4yan r4yan 38448 Jul 31 14:56 'Files Containing Juicy Info.dorkscout'
-rw-r--r-- 1 r4yan r4yan 17110 Jul 31 14:56 'Files Containing Passwords.dorkscout'
-rw-r--r-- 1 r4yan r4yan 1879 Jul 31 14:56 'Files Containing Usernames.dorkscout'
-rw-r--r-- 1 r4yan r4yan 5398 Jul 31 14:56 Footholds.dorkscout
-rw-r--r-- 1 r4yan r4yan 5568 Jul 31 14:56 'Network or Vulnerability Data.dorkscout'
-rw-r--r-- 1 r4yan r4yan 49048 Jul 31 14:56 'Pages Containing Login Portals.dorkscout'
-rw-r--r-- 1 r4yan r4yan 16112 Jul 31 14:56 'Sensitive Directories.dorkscout'
-rw-r--r-- 1 r4yan r4yan 451 Jul 31 14:56 'Sensitive Online Shopping Info.dorkscout'
-rw-r--r-- 1 r4yan r4yan 29938 Jul 31 14:56 'Various Online Devices.dorkscout'
-rw-r--r-- 1 r4yan r4yan 2802 Jul 31 14:56 'Vulnerable Files.dorkscout'
-rw-r--r-- 1 r4yan r4yan 4925 Jul 31 14:56 'Vulnerable Servers.dorkscout'
-rw-r--r-- 1 r4yan r4yan 8145 Jul 31 14:56 'Web Server Detection.dorkscout'