feat: add dork plugin (Google dork query builder)

Template-based Google dork categories for recon. No HTTP calls, no external deps. Supports 10 categories (admin, files, dirs, etc.). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 03:27:10 +01:00
parent 1a6c6de38b
commit 9afde4e092
1 changed files with 89 additions and 0 deletions
--- a/plugins/dork.py
+++ b/plugins/dork.py
@@ -0,0 +1,89 @@
+"""Plugin: Google dork query builder."""
+
+from __future__ import annotations
+
+from derp.plugin import command
+
+# {t} is replaced with the user-supplied target domain/keyword.
+_DORKS: dict[str, tuple[str, str]] = {
+    "admin": (
+        'site:{t} inurl:admin | inurl:login | inurl:panel',
+        "Admin/login panels",
+    ),
+    "files": (
+        'site:{t} ext:pdf | ext:doc | ext:xls | ext:ppt | ext:csv',
+        "Exposed documents",
+    ),
+    "dirs": (
+        'site:{t} intitle:"index of" | intitle:"directory listing"',
+        "Open directory listings",
+    ),
+    "config": (
+        'site:{t} ext:xml | ext:conf | ext:cnf | ext:ini | ext:env | ext:yml',
+        "Configuration files",
+    ),
+    "backup": (
+        'site:{t} ext:bak | ext:old | ext:backup | ext:sql | ext:tar | ext:gz',
+        "Backup/archive files",
+    ),
+    "login": (
+        'site:{t} inurl:signin | inurl:auth | inurl:sso | intitle:"sign in"',
+        "Authentication pages",
+    ),
+    "exposed": (
+        'site:{t} inurl:phpinfo | inurl:debug | inurl:test | intitle:"phpinfo()"',
+        "Debug/test pages",
+    ),
+    "creds": (
+        'site:{t} ext:log | ext:env "password" | "passwd" | "secret"',
+        "Credential leaks in logs/env",
+    ),
+    "cloud": (
+        'site:{t} site:s3.amazonaws.com | site:blob.core.windows.net'
+        ' | site:storage.googleapis.com',
+        "Cloud storage buckets",
+    ),
+    "errors": (
+        'site:{t} "sql syntax" | "fatal error" | "stack trace" | "traceback"',
+        "Error/debug messages",
+    ),
+}
+
+
+@command("dork", help="Google dork builder: !dork list | !dork <category> <target>")
+async def cmd_dork(bot, message):
+    """Generate Google dork queries for a target.
+
+    Usage:
+        !dork list
+        !dork admin example.com
+        !dork files target.org
+    """
+    parts = message.text.split(None, 3)
+    if len(parts) < 2:
+        await bot.reply(message, "Usage: !dork list | !dork <category> <target>")
+        return
+
+    subcmd = parts[1].lower()
+
+    if subcmd == "list":
+        lines = [f"  {k:<10} {desc}" for k, (_, desc) in sorted(_DORKS.items())]
+        await bot.reply(message, "Dork categories:\n" + "\n".join(lines))
+        return
+
+    if len(parts) < 3:
+        cats = ", ".join(sorted(_DORKS))
+        await bot.reply(message, f"Usage: !dork <category> <target> -- categories: {cats}")
+        return
+
+    category = subcmd
+    target = parts[2]
+
+    if category not in _DORKS:
+        cats = ", ".join(sorted(_DORKS))
+        await bot.reply(message, f"Unknown category '{category}' -- available: {cats}")
+        return
+
+    template, desc = _DORKS[category]
+    query = template.replace("{t}", target)
+    await bot.reply(message, f"[{category}] {desc} -> {query}")