Jump to content

Search the Community

Showing results for tags 'google'.

The search index is currently processing. Current results may not be complete.
  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
    • Pentesting Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
    • Windows Phone
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Pentesting Premium
    • Pentesting Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Pentesting Zone PRIV8
    • Pentesting Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area
  • Recycle Bin
    • Recycle
  • Null3D's Nulled Group

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

  1. pagodo (Passive Google Dork) – Automate Google Hacking Database scraping The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdb_scraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered by ghdb_scraper.py. What are Google Dorks? The awesome folks at Offensive Security maintain the Google Hacking Database (GHDB) found here: [Hidden Content]. It is a collection of Google searches, called dorks, that can be used to find potentially vulnerable boxes or other juicy info that is picked up by Google’s search bots. Changelog v2.3.1 Added switches to optionally provide a file name for both text and JSON output. Thank you @cgeopapa for #68 [hide][Hidden Content]]
  2. Google’s Threat Analysis Group (TAG) has confirmed that Android users around the world are being targeted by the Alien spyware family, which is commercial spyware. Tracking shows that the malware family is an advanced malware family developed by Cytrox Technologies of the Republic of North Macedonia in the Balkans of Southeastern Europe. The company primarily sells it to certain national government agencies or groups backed by those government agencies for the purpose of hacking and spying on targeted Android users. In essence, this is no different from the Pegasus spyware launched by the Israeli commercial spyware company NSO, except that the Alien spyware is for Android. Analysis shows that the Alien spyware family mainly exploits zero-day vulnerabilities and certain known outdated flaws, and is mainly spread by email. For example, after the email of the target user is known, a phishing email is sent to induce the user to click on the link, and the Predator virus can be automatically loaded after clicking. The organization that launched the attack uses a short-link system. When a user clicks, the virus will be loaded for the first time, and then they will jump to the website mentioned in the phishing email to confuse the user. The three campaigns identified by Google’s threat analysis team belong to the Alien malware family, and there are currently dozens of Android users under attack. Obviously, this is also a targeted attack, and the attacker will only carry out targeted attacks after selecting the target. Google writes: Analysis revealed that the Alien malware family has features such as audio recording, hiding apps, stealing user data, and turning on microphones for monitoring. Zero-day vulnerabilities that have been discovered by Google will be fixed soon, but for most Android users, there is no way to update the system in time to fix it. In particular, many of the vulnerabilities exploited by the malware are outdated, meaning they have long been fixed by Google but the OEM has not sent an update to the user. This makes the security of the Android system very weak, because many outdated vulnerabilities have been published long ago, and virtually any attacker can exploit the vulnerabilities. Google reminded that users should not click on links in unknown emails, and users should double-check the sender to ensure that the email is safe before clicking on the link.
  3. uDork uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. It does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database). Changelog v3.1 Adapting uDork to the programming changes from Facebook to Meta. Removed the Perl library “libany-uri-escape-perl”. Speed has been improved, gaining 2 seconds between requests. [hide][Hidden Content]]
  4. [hide][Hidden Content]]
  5. Welcome to another hacking tutorial. Today you will learn how to use google to hack passwords and accounts. Not only that you can also hack web servers and find email lists webcams and so on. This technique is called google dorks or Google Dorking. This includes the use of google search operators to find log files. You may not know this but Google has a bad habit of indexing everything. I mean literally everything. With the right dorks, you can hack devices just by Googling the correct parameters and you will have passwords to log in. Below I will show you a demo of how I was able to find passwords of PayPal accounts which were stored openly. So what is Google Dorking and Google Hacking? Google Dorking is an advanced application of Google search operators — using google search operators to hunt for specific vulnerable devices, exploitable files, sensitive data and so on through specific search strings. So basically we can find log files password files email lists etc. openly on the web. What Kinds of Things Do Dorks Connect to the Internet? You would be amazed as to what you can find connected and lying on the internet. Everything from controllers to nuclear stations. Luckily people are implementing security measures with the rise of security threats. So how is it relevant to you? Imagine getting a new house with security cameras or smart IoT devices that provide the ability to control everything via your phone whenever you want. You set it up, connect it to your Wi-Fi and can manage everything. What’s going on in the background isn’t so simple. The devices call a server stored on the internet and streams video and data in real-time, allowing you to control That server may require no password to access the files from your server so that they can access files making your smart home accessible to anyone who searches for text via the server. And google just goes and finds all the devices connected on the internet. So without further ado, let’s begin the tutorial. Finding FTP Servers & Websites Using HTTP To start, we will be using the following dork to search for FTP servers that are open. Searching for these servers can allow us to find internal files and data as shown below: intitle:"index of" inurl:ftp intitle:"index of" inurl:http These servers are public because the index file of their FTP and the HTTP server is the kind of thing that Google loves to scan and index— a fact many people tend to forget. Google’s scanning leads to a complete list of all the files contained within the server being publically available on Google. If we want to start attacking some hacking targets, we can be more specific and search for online forms still using HTTP by changing the text in the search title. intitle:"forum" inurl:http inurl:"registration" Here you can see we’ve found a list of vulnerable online forums using HTTP which can easily be hacked and compromised. Find Log Files with Passwords and username Now we will search for files of the .log type. Searching for LOG files will allow us to look for clues about what the username password to the systems or admin accounts is. The dork we’ll be using to do this is as follows. allintext:password filetype:log allintext:username filetype:log With these dorks, you can easily find usernames and passwords for hacking. Check below I just found a log with all the usernames and passwords for Paypal account and server login and password. Find Configuration Files with Passwords Configuration files should never be public but people never really learn and .ENV files are the best examples of this. If we search for .ENV files that contain a string username and password, we instantly find the accounts. This is how hackers make leaked username password lists. filetype:env "DB_PASSWORD" Find Email Lists on the internet Email lists are a great way of scraping email addresses for phishing and other campaigns used by hackers. These lists are frequently exposed by companies or schools that are trying to organize email lists for their members who forget to implement even the most basic security. filetype:xls inurl:"email.xls" Find Open Cameras If you thought Shodan was scary then your so wrong. Google is scarier. Camera login and viewing pages are usually HTTP, meaning Google always indexes them. One of the common formats for webcams is searching for “top.htm” in the URL as shown below: inurl:top.htm inurl:currenttime While you can easily view the cameras as I did without a password; many dorks look for webcam login pages that have a well-known default password. This tactic is illegal since you logged in using a password, it allows easy access to many webcams not intended for public viewing. Meaning you can spy on people and find things you shouldn’t be found. admin and 12345 are the most common passwords for hacking webcams found by google Dorking. Which Dorks Are the Most Dangerous? By far, the most severe kind of danger is the exposed files and configurations being available openly. We can credential important configurations as well as other sensitive data and account information or the entire service itself via google search operators. This happens in one of two ways. A server or other service is set up incorrectly and exposes its administrative logs to the internet directly. When passwords are changed, or a user fails to log in correctly, these logs can leak the credentials being used to the internet openly as shown in the demo using Google Dorking.
  6. Solo se agrego una forma de copiar más rápido para simplemente ir a buscar. GL [hide][Hidden Content]]
  7. Description: Google Dorks Searcher Fast and Clean URL Vulnerable checker How to use? Put Proxies [SOCKS4] & Dorks in the respective files Then launch the tool EZZZ [hide][Hidden Content]]
  8. dokrscout is a tool to automate the finding of vulnerable applications or secret files around the internet through google searches, dorkscout first starts by fetching the dorks lists from [Hidden Content], and then it scans a given target or everything it founds. [hide][Hidden Content]]
  9. Features -> Multiple dorks for Wordpress -> Check most commons CVE -> WPSCAN (wpscan.com) -> TOR support -> Save passwords to db [hide][Hidden Content]]
  10. Google Dorking Google dorking is a hacker technique that uses Google Search to find security holes in the configuration and computer code that websites use. Google Dorking involves using advanced operators in the Google search engine to locate specific strings of text within search results such as finding specific versions of vulnerable Web applications. Users can utilize commands to get other specific search results. MENU Google Search URL Search Books Music Downloads Information Dork Hacks! Features Dorkify can : Perfom a (Google/URL) search Find specific link with keywords in URL/Title/Website Search for Books Extract mp3/mp4 download links Perform deep scan on definitions and informations Get details on Stocks/Maps/Weather Find vulnerable Wordpress sites Search for Usernames and Password list Find vulnerable Web servers Find vulnerable CCTV's Find open FTP Servers [hide][Hidden Content]]
  11. A Google Search Engine Dorker With HTTP Toolkit Built With Python, Can Make It Easier For You To Find Many URLs/IPs At Once With Fast Time Domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time. [hide][Hidden Content]]
  12. pagodo (Passive Google Dork) – Automate Google Hacking Database scraping The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdb_scraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered by ghdb_scraper.py. What are Google Dorks? The awesome folks at Offensive Security maintain the Google Hacking Database (GHDB) found here: [Hidden Content]. It is a collection of Google searches, called dorks, that can be used to find potentially vulnerable boxes or other juicy info that is picked up by Google’s search bots. [hide][Hidden Content]]
  13. AllMapSoft Google Maps Terrain Downloader – is a tool that can automatically download the Google terrain maps images to your PC. The maps types include terrain maps, terrain maps with roads, terrain maps without roads, terrain maps without labels, terrain maps for China, etc. [Hidden Content] [hide][Hidden Content]]
  14. Grawler is the best tool ever, made for automating google dorks it’s a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file, version 1.0 is the more powerful than ever supporting multiple proxies. ( Read in features ) Grawler aims to automate the task of using google dorks with a web interface, the main idea is to provide a simple yet powerful tool that can be used by anyone, the thing that makes Grawler different in its category is its features. Features The biggest issue faced by tools that automate google dorks is CAPTCHA, but with Grawler, CAPTCHA is not an issue anymore, Grawler comes with a proxy feature that supports three different proxies. Supported Proxies ( The mentioned proxies need you to signup and get the API key, without any credit card information and give you around one thousand free API calls each ) ScraperAPI Scrapingdog Zenscrape Grawler now supports two different modes. Automatic Mode: Automatic mode now comes with many different dork files and supports multiple proxies to deliver a smooth experience. Manual Mode: The manual mode has become more powerful with the Depth feature, now you can select the number of pages you want to scrape results from, proxy feature is also supported by manual mode. Dorks are now categorized in the following categories: Error Messages Extension Java JavaScript Login Panels .Net PHP SQL Injection (7 different files with different dorks) My_dorks file for users to add their own dorks. API keys for proxies are first validated and added to the file. Manual mode allows users to go up to depth 4, but I’d recommend using depth 2 or 3 because the best results are usually on the initial pages. Grawler comes with its own guide to learn google dorks. The results are stored in a file ( filename needs to be specified with txt extension ). URL scraping is better than ever with no garbage URL’s at all. Grawler supports three different search engines are supported (Bing, Google, Yahoo), so if one blocks you another one is available. Multiple proxies with multiple search engines deliver the best experience ever. [hide][Hidden Content]]
  15. GRecon (Greei-Conn) is a simple python tool that automates the process of Google-Based Recon AKA Google Dorking The current Version 1.0 Run 7 Search Queries (7 Micro-Plugins) on the specified Target Providing Awesome Results Current Version Run Google Search Queries to find : Subdomains Sub-Subdomains Signup/Login pages Dir Listing Exposed Docs pdf…xls…docx… WordPress Entries Pasting Sites Records in patsebin,Ghostbin… [hide][Hidden Content]]
  16. GHunt is an OSINT tool to extract information from any Google Account using an email. It can currently extract: Owner’s name The last time the profile was edited Google ID If the account is a Hangouts Bot Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.) Possible YouTube channel Possible other usernames Public photos (P) Phones models (P) Phones firmwares (P) Installed Softwares (P) Google Maps reviews (M) Possible physical location (M) Events from Google Calendar (C) The features marked with a (P) require the target account to have the default setting of Allow the people you share content with to download your photos and videos on the Google AlbumArchive, or if the target has ever used Picasa linked to their Google account. More info here. Those marked with a (M) require the Google Maps reviews of the target to be public (they are by default). Those marked with a (C) requires user to have Google Calendar set on public (default it is closed) [hide][Hidden Content]]
  17. GWTMap is a tool to help map the attack surface of Google Web Toolkit (GWT) based applications. The purpose of this tool is to facilitate the extraction of any service method endpoints buried within a modern GWT application’s obfuscated client-side code and attempt to generate example GWT-RPC requests payloads to interact with them. [hide][Hidden Content]]
  18. Description GHunt is an OSINT tool to extract information from any Google Account using an email. It can currently extract: Owner's name Last time the profile was edited Google ID If the account is a Hangouts Bot Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.) Possible YouTube channel Possible other usernames Public photos (P) Phones models (P) Phones firmwares (P) Installed softwares (P) Google Maps reviews (M) Possible physical location (M) Latest news 02/10/2020 : Since few days ago, Google return a 404 when we try to access someone's Google Photos public albums, we can only access it if we have a link of one of his albums. Either this is a bug and this will be fixed, either it's a protection that we need to find how to bypass. 03/10/2020 : Successfully bypassed. (commit 01dc016) It requires the "Profile photos" album to be public (it is by default) [hide][Hidden Content]]
  19. Pipe different tools with google dork Scanner [hide][Hidden Content]]
  20. Description: uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: [Hidden Content]). [hide][Hidden Content]]
  21. Dorks Eye Google Hacking Dork Scraping and Searching Script Dorks Eye is a script I made in python 3. With this tool, you can easily find Google Dorks. Dork Eye collects potentially vulnerable web pages and applications on the Internet or other awesome info that is picked up by Google's search bots. Dorks Eye has tested it so far on: Kali Linux Parrot Security BlackArch Termux This list would be expanded [hide][Hidden Content]]
  22. Need some extra space in google for your data? Go to [Hidden Content] Input a fake gmail account (fake recommended but not required) Enter a name The current CH that is there doesnt work so just choose one that works. (you will have to refresh the page everytime it doesnt work then choose another CH) Enjoy if an alert says its done then you should see the shared drive under your google drive shortly!
  23. Fast Google Dorks Scan A script to enumerate web-sites using Google dorks. Usage example: ./FGDS.sh megacorp.one Version: 0.035, June 07, 2020 Features: Looking for the common admin panel Looking for the widespread file types Path traversal Prevent Google banning [HIDE][Hidden Content]]
  24. Katana-ds Katana-ds (ds for dork_scanner) is a simple python tool that automates Google Hacking/Dorking and supports Tor It becomes more powerful in combination with GHDB Google Mode : Google mode gives you 2 inputs the “Dork” and the “TLD” (Top Level Domain) that gives you the ability to search in specific countries. e.g : com for Usa / co.ma for Morocco / be for Belgium For more please see the included TLDs.txt file. [HIDE][Hidden Content]]
  25. 8 downloads

    Android Developer Nanodegree By Google - Udacity 13 GB Expensive Course Ripped https://www.udacity.com/course/android-developer-nanodegree-by-google--nd801 Worth: 1700$ Download : Free to user PRIV8
    $110 PRIV8
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.