PaGoDo – an OSINT Tool that Automates Google Dorks

Introduction

PaGoDo (Passive Google Dork) is an OSINT tool that lets you automate Google hacking (dorking) by scraping Google Search with a predefined list of vulnerabilities and useful information. According to the developer, the goal of this project was to develop a passive Google Dork script to collect potentially vulnerable web pages and applications on the Internet. It’s broken into 2 parts, the first script retrieves the Google Dorks, the second collects OSINT.

Google Dorks

If you’re not familiar with Google Dorks, I’ve written a blog post with a basic outline.  Additionally, Offensive Security maintains the Google Hacking Database (GHDB) with over 300 pages of Google Dorks. These are primarily targeted towards the information security industry, but there’s a good bit of value there for journalists, law enforcement, and other OSINT investigators.

PaGoDo Setup

PaGoDo is written in Python and has the option to run in a virtual environment. The README in the GitHub repo outlines how you can set up the tool including advanced options. Because of the nature of PaGoDo, setting up a proxy is recommended. PaGoDo details how to install proxychains4 and how to apply it to PaGoDo for the best results.

Data Collection

PaGoDo’s database for Google Dorks is available through a json or .txt file. Their database currently consists of 4567 Google Dorks, which is really quite impressive. However, this presents a potential problem of “knowing everything while knowing nothing”, a common issue in large scale data collection. To mitigate this, consider creating your own custom Google Dorks ,txt file to use with PaGoDo.

OSINT Insight

PaGoDo is an out of the box solution for information collection at scale. If you’re running a large scale threat hunting program, this tool can be very useful.  If you’re looking for a pinpoint solution, it’s likely not going to add much value for you out of the box. What I appreciate about PaGoDo is that you can adjust the json or txt file to customize the tool to increase or decrease the scope and scale of the operation. It’s also a great introduction to creating and setting up proxies for OSINT collection. Consider creating multiple subsets of PaGoDo to run multiple custom operations; try adding multiple versions of PaGoDo to your workflow and feeding each one with a tailored list of Google Dorks. This will allow you to scale while maintaining organization.  Keep in mind that this will require you to forgo the auto-update from GHDB initiated in the ghdb_scraper.py script.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s