Module Name: Google Hacking Database
Module path: recon/domains-vulnerabilities/ghdb


DORKS:
GHDB_ADVISORIES_AND_VULNERABILITIES:
GHDB_ERROR_MESSAGES:
GHDB_FILES_CONTAINING_JUICY_INFO:
GHDB_FILES_CONTAINING_PASSWORDS:
GHDB_FILES_CONTAINING_USERNAMES:
GHDB_FOOTHOLDS:
GHDB_NETWORK_OR_VULNERABILITY_DATA:
GHDB_PAGES_CONTAINING_LOGIN_PORTALS:
GHDB_SENSITIVE_DIRECTORIES:
GHDB_SENSITIVE_ONLINE_SHOPPING_INFO:
GHDB_VARIOUS_ONLINE_DEVICES:
GHDB_VULNERABLE_FILES:
GHDB_VULNERABLE_SERVERS:
GHDB_WEB_SERVER_DETECTION:
SOURCE:


Name: Google Hacking Database
Path: modules/recon/domains-vulnerabilities/ghdb.py
Author: Tim Tomes (@LaNMaSteR53)

Description:
Searches for possible vulnerabilites in a domain by leveraging the Google Hacking Database (GHDB) and the 'site' search operator. Updates the 'vulnerabilities' table with the results.

Options:
Name Current Value Required Description
DORKS no file containing an alternate list of Google dorks
GHDB_ADVISORIES_AND_VULNERABILITIES False yes enable/disable the 1985 dorks in this category
GHDB_ERROR_MESSAGES False yes enable/disable the 82 dorks in this category
GHDB_FILES_CONTAINING_JUICY_INFO False yes enable/disable the 343 dorks in this category
GHDB_FILES_CONTAINING_PASSWORDS False yes enable/disable the 189 dorks in this category
GHDB_FILES_CONTAINING_USERNAMES False yes enable/disable the 17 dorks in this category
GHDB_FOOTHOLDS False yes enable/disable the 34 dorks in this category
GHDB_NETWORK_OR_VULNERABILITY_DATA False yes enable/disable the 63 dorks in this category
GHDB_PAGES_CONTAINING_LOGIN_PORTALS False yes enable/disable the 313 dorks in this category
GHDB_SENSITIVE_DIRECTORIES False yes enable/disable the 110 dorks in this category
GHDB_SENSITIVE_ONLINE_SHOPPING_INFO False yes enable/disable the 10 dorks in this category
GHDB_VARIOUS_ONLINE_DEVICES False yes enable/disable the 270 dorks in this category
GHDB_VULNERABLE_FILES False yes enable/disable the 61 dorks in this category
GHDB_VULNERABLE_SERVERS False yes enable/disable the 83 dorks in this category
GHDB_WEB_SERVER_DETECTION False yes enable/disable the 74 dorks in this category
SOURCE default yes source of input (see 'show info' for details)

Source Options:
default SELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string> string representing a single input
<path> path to a file containing a list of inputs
query <sql> database query returning one column of inputs

Comments:
* Special thanks to the Offensive Security crew for maintaining the GHDB and making it available to open source projects like Recon-ng. Thanks Muts!