### Windows Automatic Installation for DorkEye Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Guides users through the automatic installation of DorkEye on Windows. It emphasizes installing Python with the 'Add to PATH' option, optionally installing Git, cloning the repository, and then running the provided setup batch script. This is the recommended method for Windows users. ```batch git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye setup.bat ``` -------------------------------- ### DorkEye Manual Installation (All Platforms) Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md A universal manual installation guide for DorkEye applicable to Linux, macOS, and Windows. It covers cloning the repository, creating a Python virtual environment (with platform-specific activation commands), upgrading pip, and installing all necessary dependencies. ```bash git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye python3 -m venv dorkeye_env source dorkeye_env/bin/activate # Linux/macOS python -m venv dorkeye_env dorkeye_env\Scripts\activate.bat # Windows pip install --upgrade pip pip install -r requirements.txt ``` -------------------------------- ### Linux Quick Launcher Setup for DorkEye Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Sets up a quick launcher for DorkEye on Linux systems, allowing users to execute the tool from any directory by typing 'dorkeye'. This involves creating a bash script in a system-wide executable path that activates the DorkEye environment and runs the main Python script. ```bash sudo nano /usr/local/bin/dorkeye #!/bin/bash cd /path/to/DorkEye source dorkeye_env/bin/activate python3 dorkeye.py "$@" sudo chmod +x /usr/local/bin/dorkeye ``` -------------------------------- ### Linux Manual Installation for DorkEye Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Provides a manual installation process for DorkEye on Linux, suitable for advanced users or specific configurations. This method involves installing dependencies, cloning the repository, creating and activating a virtual environment, and installing project requirements manually. ```bash sudo apt update sudo apt install -y python3 python3-pip python3-venv git git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye python3 -m venv dorkeye_env source dorkeye_env/bin/activate pip install --upgrade pip pip install -r requirements.txt python3 dorkeye.py --help ``` -------------------------------- ### Windows Manual Installation (PowerShell) for DorkEye Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Explains how to manually install DorkEye on Windows using PowerShell. This method includes setting the execution policy, cloning the repository, creating and activating a virtual environment using PowerShell scripts, and installing project dependencies. ```powershell Set-ExecutionPolicy RemoteSigned -Scope CurrentUser git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye python -m venv dorkeye_env .dorkeye_env\Scripts\Activate.ps1 pip install -r requirements.txt python dorkeye.py --help ``` -------------------------------- ### macOS Automatic Installation for DorkEye Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Installs DorkEye on macOS using Homebrew for package management. This method involves installing Homebrew, then Python and Git, cloning the DorkEye repository, making the setup script executable, and running it. It's the recommended approach for macOS users. ```bash /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" brew install python3 git git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye chmod +x setup.sh ./setup.sh ``` -------------------------------- ### Linux Automatic Installation for DorkEye Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Installs DorkEye on Linux distributions like Kali, Ubuntu, and Debian using an automatic setup script. It ensures necessary dependencies like Python, pip, and git are installed, clones the repository, sets up a virtual environment, and makes the script executable. The recommended method for most Linux users. ```bash sudo apt update sudo apt install -y python3 python3-pip python3-venv git git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye python3 -m venv dorkeye_env sudo chmod +x setup.sh ./setup.sh ``` -------------------------------- ### Windows Manual Installation (CMD) for DorkEye Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Details the manual installation of DorkEye on Windows using the Command Prompt (CMD). This involves cloning the repository, creating and activating a Python virtual environment, upgrading pip, and installing dependencies from the requirements file. ```batch git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye python -m venv dorkeye_env dorkeye_env\Scripts\activate.bat python -m pip install --upgrade pip pip install -r requirements.txt python dorkeye.py --help ``` -------------------------------- ### macOS Manual Installation for DorkEye Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Provides instructions for manually installing DorkEye on macOS. This process includes installing developer tools, Python via Homebrew, cloning the repository, setting up a Python virtual environment, activating it, and installing dependencies from the requirements file. ```bash xcode-select --install brew install python3 git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye python3 -m venv dorkeye_env source dorkeye_env/bin/activate pip install -r requirements.txt python3 dorkeye.py --help ``` -------------------------------- ### DorkEye Verification Commands Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/INSTALL.md Commands to verify the successful installation and basic functionality of DorkEye on any platform. It includes creating a configuration file and running a sample search query with specified parameters. ```bash python3 dorkeye.py --create-config python3 dorkeye.py -d "python programming" -c 5 -o test ``` -------------------------------- ### Install DorkEye with Python Source: https://github.com/xploits3c/dorkeye/blob/master/README.md This snippet outlines the steps to install DorkEye on a Debian-based system. It includes updating package lists, installing necessary Python and Git packages, cloning the repository, setting up a Python virtual environment, and executing the setup script. ```bash sudo apt update sudo apt install -y python3 python3-pip python3-venv git git clone https://github.com/xPloits3c/DorkEye.git cd DorkEye python3 -m venv dorkeye_env source dorkeye_env/bin/activate sudo chmod +x setup.sh ./setup.sh ``` -------------------------------- ### Generate Default Configuration Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Creates a default configuration file (YAML or JSON) that can be used as a starting template for customization or as a backup of the tool's default settings. ```bash python3 dorkeye.py --create-config ``` -------------------------------- ### DorkEye Configuration File Example (YAML) Source: https://context7.com/xploits3c/dorkeye/llms.txt Shows a sample YAML configuration file for DorkEye, defining file extension categories, filtering options, and analysis settings. This allows for customized scanning behavior. ```yaml # dorkeye_config.yaml - DorkEye v4.1 Configuration # File extension categories for classification extensions: documents: [".pdf", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx"] archives: [".zip", ".rar", ".tar", ".gz", ".7z"] databases: [".sql", ".db", ".sqlite", ".mdb"] backups: [".bak", ".backup", ".old"] configs: [".conf", ".config", ".ini", ".yaml", ".yml", ".json", ".xml"] scripts: [".php", ".asp", ".jsp", ".sh"] credentials: [".env", ".git", ".htpasswd"] # Filtering options blacklist: [] # Extensions to exclude, e.g., [".jpg", ".png"] whitelist: [] # Extensions to include exclusively # Analysis settings analyze_files: true # Enable HEAD request analysis sqli_detection: false # Enable SQL injection testing http_fingerprinting: true # Enable browser fingerprint rotation stealth_mode: false # Enable extended delays for evasion user_agent_rotation: true # Rotate user agents between requests # Network settings request_timeout: 10 # Request timeout in seconds max_retries: 3 # Maximum retry attempts per request ``` -------------------------------- ### Basic DorkEye Syntax Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md The fundamental command structure for running DorkEye, requiring at least the dork input (-d) and output directory (-o) flags. ```bash python3 dorkeye.py [OPTIONS] ``` -------------------------------- ### DorkEye Command Line Interface Source: https://github.com/xploits3c/dorkeye/blob/master/README.md Provides examples of interacting with the DorkEye command-line interface. Shows how to access help, deactivate the virtual environment, and remove the environment directory. ```bash # Help: python dorkeye.py -h # Deactivate: deactivate # Remove environment: rm -rf dorkeye_env ``` -------------------------------- ### DorkEye Command Line Interface Examples Source: https://context7.com/xploits3c/dorkeye/llms.txt Demonstrates various ways to use the DorkEye command-line tool for different OSINT tasks. Includes basic searches, batch processing, stealth mode, SQL injection testing, and configuration management. ```bash python3 dorkeye.py -d "site:example.com filetype:pdf" -o results python3 dorkeye.py -d dorks.txt -c 100 -o output python3 dorkeye.py -d "inurl:.php?id=" --sqli --stealth -o sqli_scan python3 dorkeye.py -d dorks.txt --no-analyze -c 200 -o recon python3 dorkeye.py -d "site:.gov" --whitelist .pdf .docx .xls -o documents python3 dorkeye.py -d dorks.txt --config custom_config.yaml -o scan python3 dorkeye.py --create-config ``` -------------------------------- ### Dork Input Methods Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Specifies how to provide search queries (dorks) to DorkEye, either as a single string or from a text file. Using files is recommended for automation. ```bash # Single dork python3 dorkeye.py -d "inurl:admin" -o output # Multiple dorks python3 dorkeye.py -d dorks.txt -o output ``` -------------------------------- ### Custom Configuration Loading Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Allows DorkEye to load settings from a custom YAML or JSON configuration file, enabling fine-grained control over delays, headers, timeouts, and thresholds. ```bash python3 dorkeye.py -d dorks.txt --config custom_config.yaml -o scan ``` -------------------------------- ### Extension Whitelist Filtering Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Restricts scan results to only include specific file extensions, useful for targeted document harvesting. All other extensions will be ignored. ```bash python3 dorkeye.py -d "site:target.com" --whitelist .pdf .xls .docx -o documents ``` -------------------------------- ### Output Directory Specification Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Defines the destination folder for DorkEye's scan results and reports. The tool automatically creates the specified directory if it doesn't exist. ```bash python3 dorkeye.py -d dorks.txt -o scan_results ``` -------------------------------- ### Dork File Format Example Source: https://context7.com/xploits3c/dorkeye/llms.txt Illustrates the format for dork files used in batch processing. Each line represents a single dork query, and comments are supported using the '#' symbol. ```text # Database and SQL files site:target.com filetype:sql site:target.com filetype:db site:target.com filetype:sqlite # Configuration files site:target.com filetype:env site:target.com filetype:yaml site:target.com filetype:json inurl:config # Backup files site:target.com filetype:bak site:target.com filetype:backup site:target.com ext:old # Admin panels and login pages site:target.com inurl:admin site:target.com inurl:login site:target.com intitle:"index of" password ``` -------------------------------- ### Result Cap Configuration Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Sets a limit on the maximum number of URLs DorkEye will collect for each individual dork. Higher caps may lead to slower scans. ```bash python3 dorkeye.py -d dorks.txt -c 100 -o output ``` -------------------------------- ### Recommended Combination: Stealth + SQLi Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md A professional scanning mode combining stealth features with SQL Injection testing, along with a result cap, for comprehensive and safer security assessments. ```bash python3 dorkeye.py -d dorks.txt --stealth --sqli -c 150 -o pro_scan ``` -------------------------------- ### Disable File Analysis Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Skips the HEAD analysis of discovered files to significantly speed up scan times. This option sacrifices metadata retrieval for performance. ```bash python3 dorkeye.py -d dorks.txt --no-analyze -o fast_scan ``` -------------------------------- ### Recommended Combination: Fast Recon Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Optimized for speed, this combination disables file analysis and sets a higher result cap for rapid reconnaissance, suitable for initial information gathering. ```bash python3 dorkeye.py -d dorks.txt --no-analyze -c 200 -o recon ``` -------------------------------- ### Recommended Combination: Documents Only Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md A focused scan targeting specific document types (e.g., PDF, DOCX) within a given domain, ideal for harvesting sensitive information or research. ```bash python3 dorkeye.py -d "site:.gov" --whitelist .pdf .docx -o docs ``` -------------------------------- ### DorkEyeEnhanced for Orchestrating Dorking Workflow Source: https://context7.com/xploits3c/dorkeye/llms.txt Shows how to use the DorkEyeEnhanced class to manage the entire dorking process, from loading configurations and running searches to processing results and exporting them. It includes examples of setting up the analyzer and handling dork inputs. ```python from dorkeye import DorkEyeEnhanced, load_config # Load configuration (from file or defaults) config = load_config("dorkeye_config.yaml") # Override specific settings config["sqli_detection"] = True config["stealth_mode"] = True config["analyze_files"] = True # Initialize DorkEye with output filename dorkeye = DorkEyeEnhanced(config, output_file="scan_results") # Process dorks from file or single query dorks = dorkeye.process_dorks("dorks.txt") # Returns list of dork strings # Or: dorks = dorkeye.process_dorks("site:example.com filetype:pdf") # Run search for all dorks dorkeye.run_search(dorks, count=50) # 50 results per dork # Access results programmatically for result in dorkeye.results: print(f"URL: {result['url']}") print(f"Title: {result['title']}") print(f"Category: {result['category']}") if result.get('sqli_test', {}).get('vulnerable'): print(f" [!] SQLi VULNERABLE: {result['sqli_test']['overall_confidence']}") # Print statistics dorkeye.print_statistics() # Results auto-saved to: # - Dump/scan_results.csv # - Dump/scan_results.json # - Dump/scan_results.html ``` -------------------------------- ### SQL Injection Testing Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Activates automated SQL Injection testing on discovered parameters using various techniques like error-based, boolean-based blind, and time-based blind. Requires authorization. ```bash python3 dorkeye.py -d "site:example.com .php?id=" --sqli -o sqli_scan ``` -------------------------------- ### Stealth Mode Activation Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Enables stealth mode to minimize detection risks by employing randomized delays, browser fingerprint rotation, and rate-limit evasion. Recommended for sensitive targets or long scans. ```bash python3 dorkeye.py -d dorks.txt --stealth -o stealth_scan ``` -------------------------------- ### Extension Blacklist Filtering Source: https://github.com/xploits3c/dorkeye/blob/master/Docs/USAGE.md Excludes specified file extensions from scan results, helping to reduce noise and focus on relevant data. This speeds up analysis by ignoring unwanted file types. ```bash python3 dorkeye.py -d "site:target.com" --blacklist .jpg .png .gif -o no_images ``` -------------------------------- ### HTTPFingerprintRotator for Realistic Browser Emulation Source: https://context7.com/xploits3c/dorkeye/llms.txt Demonstrates the usage of the HTTPFingerprintRotator class to manage and utilize realistic browser fingerprints. It covers initialization, retrieving random and sequential fingerprints, and building complete HTTP headers for requests. ```python from dorkeye import HTTPFingerprintRotator # Initialize rotator (loads fingerprints from http_fingerprints.json) rotator = HTTPFingerprintRotator() # Get random fingerprint for request fingerprint = rotator.get_random() print(f"Browser: {fingerprint.browser}") print(f"OS: {fingerprint.os}") print(f"User-Agent: {fingerprint.user_agent}") # Build complete headers for HTTP request headers = rotator.build_headers(referer="https://duckduckgo.com/") # Headers include: # - User-Agent (browser-specific) # - Accept, Accept-Language, Accept-Encoding # - Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site # - Cache-Control, DNT, Connection # - Referer (if provided) import requests response = requests.get( "https://example.com/page.php", headers=headers, timeout=10, verify=False ) # Get next fingerprint in rotation (sequential) next_fp = rotator.get_next() ``` -------------------------------- ### FileAnalyzer for URL Categorization and Analysis Source: https://context7.com/xploits3c/dorkeye/llms.txt Illustrates the FileAnalyzer class for categorizing URLs by file type, checking accessibility, and performing SQL injection detection. It shows initialization with custom configurations and various analysis methods. ```python from dorkeye import FileAnalyzer, UserAgentRotator, HTTPFingerprintRotator # Initialize dependencies ua_rotator = UserAgentRotator() fp_rotator = HTTPFingerprintRotator() # Configuration for analyzer config = { "extensions": { "documents": [".pdf", ".doc", ".docx"], "databases": [".sql", ".db", ".sqlite"], "configs": [".env", ".yaml", ".json"] }, "blacklist": [".jpg", ".png", ".gif"], "whitelist": [], "analyze_files": True, "sqli_detection": True, "http_fingerprinting": True, "request_timeout": 10, "max_retries": 3, "stealth_mode": False } analyzer = FileAnalyzer(config, ua_rotator, fp_rotator) # Categorize URL by extension url = "https://example.com/backup/database.sql" category = analyzer.categorize_url(url) # Returns: "databases" extension = analyzer.get_file_extension(url) # Returns: ".sql" # Check blacklist/whitelist is_blocked = analyzer.is_blacklisted(url) # Returns: False is_allowed = analyzer.is_whitelisted(url) # Returns: True # Analyze file metadata (HEAD request) analysis = analyzer.analyze_file(url) # { # "url": "https://example.com/backup/database.sql", # "extension": ".sql", # "category": "databases", # "size": 1048576, # "content_type": "application/sql", # "accessible": True, # "status_code": 200 # } # Check for SQL injection sqli_result = analyzer.check_sqli("https://example.com/view.php?id=1") ``` -------------------------------- ### Run DorkEye Searches Source: https://github.com/xploits3c/dorkeye/blob/master/README.md Demonstrates various ways to execute DorkEye for different scanning needs. Includes basic dorking, SQL injection testing with stealth mode, and a fast scan with no analysis, specifying the number of concurrent requests. ```bash # Basic search python3 dorkeye.py -d "inurl:admin" -o results # SQLi + stealth python3 dorkeye.py -d "site:example.com .php?id=" --sqli --stealth -o scan # Fast scan python3 dorkeye.py -d dorks.txt --no-analyze -c 200 -o fast_results ``` -------------------------------- ### SQLiDetector Class Usage (Python) Source: https://context7.com/xploits3c/dorkeye/llms.txt Demonstrates how to use the SQLiDetector class in Python for automated SQL injection vulnerability testing. It covers initialization, checking potential SQLi URLs, and running comprehensive tests. ```python from dorkeye import SQLiDetector, SQLiConfidence # Initialize detector with stealth mode and custom timeout detector = SQLiDetector(stealth=True, timeout=15) # Check if URL matches SQLi-prone patterns url = "https://example.com/product.php?id=123&cat=electronics" if detector.is_potential_sqli_url(url): print("URL has injectable parameters") # Run comprehensive SQLi test result = detector.test_sqli(url) # Result structure: # { # "url": "https://example.com/product.php?id=123&cat=electronics", # "vulnerable": True, # "overall_confidence": "high", # "tested": True, # "message": "Tested 2 parameter(s)", # "tests": [ # { # "method": "error_based", # "vulnerable": True, # "confidence": "high", # "evidence": ["MYSQL error detected: MySQL syntax.*error"] # } # ] # } ``` -------------------------------- ### DorkEye HTTP Fingerprints Configuration Source: https://context7.com/xploits3c/dorkeye/llms.txt This JSON file configures browser fingerprints used by DorkEye for realistic request headers in stealth mode. It defines profiles for different browsers and operating systems, including user agents and common headers, along with language profiles. ```json { "_meta": { "version": "1.0", "description": "Browser fingerprints for stealth mode" }, "fingerprints": { "chrome_win": { "browser": "Chrome", "os": "Windows", "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36", "headers": { "accept": "@html_accept", "accept_encoding": "@standard_encoding", "cache_control": "@no_cache", "accept_language_profiles": ["en_us", "en_gb"], "sec_fetch": { "dest": "document", "mode": "navigate", "site": "none" } } }, "firefox_linux": { "browser": "Firefox", "os": "Linux", "user_agent": "Mozilla/5.0 (X11; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0", "headers": { "accept": "@html_accept", "accept_encoding": "@standard_encoding", "cache_control": "@no_cache", "accept_language_profiles": ["en_us"], "sec_fetch": { "dest": "document", "mode": "navigate", "site": "none" } } } }, "language_profiles": { "en_us": "en-US,en;q=0.9", "en_gb": "en-GB,en;q=0.9,en-US;q=0.8" }, "common_headers": { "html_accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", "standard_encoding": "gzip, deflate, br", "no_cache": "no-cache" } } ``` -------------------------------- ### DorkEye JSON Output Format Source: https://context7.com/xploits3c/dorkeye/llms.txt This JSON structure represents the output of DorkEye, detailing scan metadata, SQLi test results, and discovered resources. It includes information on total results, generation time, SQLi detection status, and statistics on found items, duplicates, and categories. ```json { "metadata": { "total_results": 127, "generated_at": "2024-01-15T14:30:00.000000", "sqli_detection_enabled": true, "sqli_vulnerabilities_found": 3, "http_fingerprinting_enabled": true, "stealth_mode": true, "statistics": { "total_found": 150, "duplicates": 23, "blacklisted": 0, "sqli_vulnerable": 3, "category_webpage": 89, "category_documents": 28, "category_databases": 10 } }, "results": [ { "url": "https://example.com/admin/backup.sql", "title": "Index of /admin", "snippet": "backup.sql - 2.5MB - Last modified...", "dork": "site:example.com filetype:sql", "timestamp": "2024-01-15T14:25:30.123456", "extension": ".sql", "category": "databases", "file_size": 2621440, "content_type": "application/octet-stream", "accessible": true, "status_code": 200, "sqli_test": { "url": "https://example.com/view.php?id=1", "vulnerable": false, "overall_confidence": "none", "tested": true, "message": "Tested 1 parameter(s)" } } ] } ``` -------------------------------- ### SQLi Vulnerability Detection Result Source: https://context7.com/xploits3c/dorkeye/llms.txt This snippet shows how to process the results of an SQL injection vulnerability scan. It checks if a vulnerability was found and prints details like confidence level and specific test methods if available. ```python if result["vulnerable"]: print(f"SQLi vulnerability found! Confidence: {result['overall_confidence']}") for test in result["tests"]: if test["vulnerable"]: print(f" Method: {test['method']}") print(f" Evidence: {test['evidence']}") ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.