Listen to this Post
๐ค Tool Name: DorkAgent
๐ GitHub: https://github.com/yee-yore/DorkAgent
๐ Reddit Post: https://www.reddit.com/r/netsec/comments/1abc123/dorkagent_llm_automated_google_dorking/
๐๏ธ Key Features
- Automated Google Dorking โ Input a target domain, and it performs searches automatically.
- LLM-Powered Analysis โ Uses AI (recommended: Claude) to analyze results for vulnerabilities.
- Attack Vector Identification โ Detects potential security flaws.
- Report Generation โ Produces a simplified vulnerability report.
You Should Know: Practical Implementation
1. Installation & Setup
git clone https://github.com/yee-yore/DorkAgent.git cd DorkAgent pip install -r requirements.txt
2. Running DorkAgent
python dork_agent.py --target example.com --llm claude
(Replace `example.com` with your target domain.)
3. Custom Dork Queries
Modify `dorks.txt` to include custom Google dorks:
site:example.com ext:pdf inurl:admin site:example.com filetype:sql site:example.com
4. Analyzing Results with LLM
The tool sends search results to an LLM (Claude/GPT) for analysis. Example prompt:
Analyze these URLs for potential vulnerabilities: - https://example.com/admin.php - https://example.com/backup.zip
5. Generating Reports
Reports are saved in `./reports/` as `target_domain_report.txt`.
What Undercode Say
Automating Google dorking with AI enhances efficiency in bug bounty hunting and penetration testing. However, ethical considerations must be prioritizedโalways obtain permission before scanning.
Related Linux & Windows Commands
- Linux:
Extract URLs from search results grep -oP 'http[bash]?://[^"]+' search_results.html Check for exposed files wget --spider -i suspicious_urls.txt
- Windows (PowerShell):
Test for open admin panels Invoke-WebRequest -Uri "http://example.com/admin" -Method Head
Expected Output:
A structured report detailing vulnerabilities, exposed endpoints, and recommended actions.
(End of )
References:
Reported By: Abhirup Konwar – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass โ
