Advanced Search / Dork / Mass Exploitation Scanner
Commands:
download
کد:
Engines: [Google apis cache] Bing Ask Yandex Sogou Exalead Shodan ● Mass Dork Search ● Multiple instant scans. ● Mass Exploitation ● Use proxy. ● Random user agent. ● Random engine. ● Mass Extern commands execution. ● Exploits and issues search. ● XSS / SQLI / LFI / AFD scanner. ● Filter wordpress & Joomla sites. ● Wordpress theme and plugin detection. ● Find Admin page. ● Decode / Encode Base64 / MD5 ● Ports scan. ● Collect IPs ● Collect E-mails. ● Auto detect errors. ● Auto detect forms. ● Auto detect Cms. ● Post data. ● Auto sequence repeater. ● Validation. ● Post and Get method ● IP Localisation ● Issues and Exploit search ● Interactive and Normal interface. ● And more...
Commands:
کد:
--help / -h Help. --proxy Set tor proxy for scans [EX: --proxy "socks4://localhost:9050"] Set proxy [EX: --proxy "http://12.45.44.2:8080"] Set proxy list [EX: --proxy file] --prandom Random proxy [EX: --prandom file] or --prandom "socks://localhost:9050"] --motor / -m bing google ask yandex sogou exalead googleapis googlecache or all --apikey Apikey --cx Googleapis ID --mrandom Random of given engines --brandom Random all disponibles agents --freq Random time frequency (in seconds) --time set browser time out --dork / -d Dork to search [Ex: house [OTHER]cars [OTHER]hotel] --target / -t Target --level / -l Scan level (Number of results pages to scan) --zone Search engine country. --param / -p Set test parameter EX:id,cat,product_ID --save / -s Output. --source Html output file --bugtraq Serach exploits and issues --content Print request content --data Post and Get forms. See examples --vshell Validate by url ex: --HOST/shell.php or file --post Use post method --get Use get method --header Set headers --fullHeaders Print full request headers --host Domain name [Ex: site.com] --nobanner Hide tool banner --beep Produce beep sound if positive scan found. --ifend Produce beep sound when scan process is finished. --noverbose No scan verbose. --ping Host ping. --limit Limit max positive scan results. --valid / -v Validate by string at least 1 is matching --validAll Validate all given strings --status Validate by http header status --server Validate by server --ifinurl Get targets with exact string matching --sregex Get targets with exact regex matching --exclude Get targets where strings do not exist in html --excludeAll Get targets where all strings do not exist in html --unique Get targets with exact dork matching --replace Replace exact string --replaceFROM Replace from string to the end of target --exp / -e Exploit/Payload will be added to full target --expHost Exploit will be added to the host --expIp Exploit will be added to the host ip --xss Xss scan --sql Sqli scan --lfi Local file inclusion --joomrfi Scan for joomla local file inclusion. --shell Shell link [Ex: http://www.site.com/shell.txt] --wpafd Scan wordpress sites for arbitrary file download --admin Get site admin page --shost Get site subdomains --port port --tcp TCP port --udp UDP port --getlinks Get target html links --wp Wordpress sites in the server --joom Joomla sites in the server --zip Get zip files --md5 Convert to md5 --encode64 Encode base64 string --decode64 decode base64 string --TARGET Will be replaced by target in extern command --HOST Will be replaced by host in extern command --HOSTIP Will be replaced by host IP in extern command --PORT Will be replaced by open port in extern command --ips Collect Ips --geoloc Ip geolocalisation --regex Crawl to get strings matching regex --noquery Remove string value from Query url [ex: site.com/index.php?id=string] --command / -c Extern Command to execute --popup Execute Extern Command in new terminal window --zoneH Upload to Zone-H --cookies Cookies output file --email Collect emails rang(x-y) EX: --expHost "/index.php?id=rang(1-9)" --sql OR -t "site.com/index.php?id=rang(1-9)" --sql site.com/index.php?id=1 -> 9. repeat(txt-y) EX: --expHost "/index.php?id=repeat(../-9)wp-config.php" --sql OR -t "site.com/index.php?id=../wp-config.php" In site.com/index.php?id=../wp-config.php then site.com/index.php?id=../../wp-config.php 9 times [OTHER] To separate values ex: dork1 [OTHER]DORK2 [OTHER]DORK3 --googleapi Google Apis --shodan Shodan search --count Search Shodan without Results --count Search Shodan --dnsreverset Shodan Reverse DNS Lookup --dnsresolve Shodan Resolve DNS Lookup --tokens String filters and parameters --querysearch Search the directory of saved Shodan search queries --query List the saved Shodan search queries --querytags List the most popular Shodan tags --myip List all services that Shodan crawls --services List all services that Shodan crawls --apinfo My Shodan API Plan Information --ports List of port numbers that the crawlers are looking for --protocols List all protocols that can be used when performing on-demand Internet scans via Shodan. --honeyscore Calculates honeypot score ranging from 0 (not a honeypot) to 1.0 (is a honeypot) in shodan --facets Shodan search facets --update Update tool --repair Repair or force tool update. --tool / -? Tool info. --config User configuration. --interactive / -i Interactive mode interface. --uninstall Uninstall Tool.