The Extreme, Web-based Google Hacking Tool
I am happy to inform you that I’ve been doing some work on our Google Hacking Database Tool lately. The tool is now pretty stable and it has a better looking, and a lot more intuitive interface. You can enjoy the tool right now from here, as it is entirely web-based.
The GNUCITIZEN’s GHDB project was started back in May 2007. The initial version wasn’t that nice and it sulfured from numerous bugs. The current version is kind of stable but works on Mozilla-based browsers mainly. Somehow Opera and IE does not like some of the jQuery plugins I make use of. That will change with time as web technologies hopefully will become more stable and standard compliant. If you feel like you can resolve some of these issues and help us build the next generation of Google Hacking Tools, please let us know as we are very interested to collaborate on this project. Of course, credits will go where due. The biggest credit receives Johnny and his Google Hacking crew for putting the database together.
Btw, the tool dynamically fetches the Google Hacking Database at run-time from its original source. Therefore the tool is always up-to-date. If you want to learn about how to become a Master Google Hacker, you might be interested in checking the following book: Google Hacking for Penetration Testers Second Edition.
comments
Hu? Opera > FF. C’mon, don’t force us to use the fox :p
don’t know, FF seams to work all the time :)
Seens to be working fine…
Did u click in the big logo “GHDB” in this screen?
and if asked to you about: “keep script runing?”
-You need “autorize” the script!
Нещо не зарежда, на ФФ даже сайдбара не зарежда :)
patience is a virtue, unfortunately, because the database is pulled at runtime via a JSON feed, there is no way I can find out how much has been downloaded and as such show some kind of progress bar. You have to wait. The next version will include a fallback mechanism which will try to pull the remote JSON feed but if that fails in 30 seconds, it will switch to a local one which will be loaded with a progress bar. Also the next version will include full scan options and wizards.
btw, the tools works flawlessly on Safari.
Prism doesn’t like it, but nice job, way better than that Goolag “I need .NET to fetch a website and don’t know what XML is” Scanner
This is way cool pdp! I think lots of people would prefer a web-based tool as opposed to a desktop-installable app.
I agree very cool and usefull app. I was playing with it some yesterday, does the search only display the fist 10 results with no option to scroll to the next page or do you have to search it through google to be able to see multiple pages?
This is an excellent tool, pdp. Does Google still limit the number of queries per day to 1,000 for this application (not that I ever make that type of query volume)?
the tool is based entirely on Google’s AJAX api. There is no point of parsing the entire query result set as eventually you have to present it to some form to the user. Instead of wasting time on it, I am using much clever apprach. Just outsource the task to google, which are doing that thing anyway.