Automation of advanced Google queries to locate potentially sensitive information and security vulnerabilities in a domain.

Primary language: Python. License: MIT.

Google Hacking By Domain

  • "GoogleHackingByDomain" is a pentest tool that automates advanced Google queries for a given domain name.
  • It provides 11 different options to search for sensitive information and security vulnerabilities.
    1. Subdomains
    2. Directory Listing
    3. Login and registration pages
    4. Files
    5. Keywords
    6. Default pages
    7. Software versions
    8. Error messages
    9. Databases
    10. Email addresses and phone numbers
    11. Employees
  • In the results shown, magenta is the title, green is the link and yellow is the description.
  • Queries are executed in Spanish and English.
  • The results are saved to a text file in the same directory as the script.
  • Google's "Custom Search API" is used. This API is limited to 100 free queries per day.
  • For most queries only the first page of results is returned; for some queries the first two or three pages are returned.
  • This tool works on Windows and Linux.
  • Due to the nature of Google searches, it is possible to obtain unwanted, repetitive or false-positive results.
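
Because results can be repetitive or off-target, it helps to triage them before review. The following is an added example, not code from this tool: it keeps only results whose host is the audited domain or one of its subdomains and drops duplicate links. It assumes each result is a dict with the `title`, `link` and `snippet` fields of the Custom Search JSON API response; the function names and sample data are hypothetical.

```python
from urllib.parse import urlsplit, urlunsplit

def in_scope(link, domain):
    """True if the link's host is the domain itself or one of its subdomains."""
    host = (urlsplit(link).hostname or "").lower().rstrip(".")
    domain = domain.lower().strip(".")
    # Require a label boundary so "notexample.com" does not match "example.com".
    return host == domain or host.endswith("." + domain)

def normalize(link):
    """Duplicate-detection key: lowercase scheme and host, no fragment, no trailing slash."""
    p = urlsplit(link)
    path = p.path.rstrip("/") or "/"
    return urlunsplit((p.scheme.lower(), p.netloc.lower(), path, p.query, ""))

def triage(items, domain):
    """Return in-scope results in original order, first occurrence of each URL only."""
    seen, kept = set(), []
    for item in items:
        link = item.get("link", "")
        if not in_scope(link, domain):
            continue  # false positive: result is hosted outside the audited domain
        key = normalize(link)
        if key in seen:
            continue  # repeated result (other language, other page, other query)
        seen.add(key)
        kept.append(item)
    return kept

# Constructed sample results (not real search output).
SAMPLE_ITEMS = [
    {"title": "Backup listing", "link": "https://files.example.com/backup/", "snippet": "..."},
    {"title": "Backup listing", "link": "https://FILES.example.com/backup#top", "snippet": "..."},
    {"title": "Login", "link": "https://example.com/login", "snippet": "..."},
    {"title": "Lookalike", "link": "https://notexample.com/login", "snippet": "..."},
    {"title": "Suffix trick", "link": "https://example.com.mirror.test/login", "snippet": "..."},
]

if __name__ == "__main__":
    for item in triage(SAMPLE_ITEMS, "example.com"):
        print(item["title"], item["link"])
```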

For this tool to work you must generate an API key for the "Custom Search API" and create a Programmable Search Engine. The steps are described below.

  1. Download the script on your computer
    - git clone https://github.com/Tomas-Ortiz/googlehackingbydomain

  2. Access the downloaded folder
    - cd googlehackingbydomain

  3. Install the required modules
    - pip install google-api-python-client colorama

  4. Generate API Key for "Custom Search API"
    - https://developers.google.com/custom-search/v1/introduction

  5. Create a Programmable Search Engine and get the Search Engine ID (CX)
    - https://programmablesearchengine.google.com/controlpanel/create

  6. Insert your API key and Search Engine ID into the variables indicated in the source code of the script (API_KEY and CX). The API key is a credential, so keep the edited script out of version control.

  7. Finally, you can use the tool
    - python3 GoogleHackingByDomain.py

  8. Additionally, you can use the Google Cloud console to manage enabled APIs, credentials, queries, usage and so on
    - https://console.cloud.google.com/apis/dashboard


Some screenshots showing how the tool works are attached below.