Dorking is the process of discovering possible weaknesses in web applications by using the power of a search machine like Google. Dorking tools can help you craft the right queries to quickly find outdated software, open file directories, or other issues.
Dorking tools are typically used for application discovery and data leak detection.
Users for these tools include pentesters, security professionals.
nycto-dork (dork tool with option to scan for SQLi and LFI)
Nycto-dork is dork scanner that can also test for SQL injections and local file injections (LFI). It can be used during security assessments like a penetration test.
Pybelt (pentest toolkit)
The pybelt toolkit may be useful during a pentest to simplify the process of scanning. It includes options like port scanning, dork checking, cracking and verification of hashes, and scanning for SQL injections.
SQLMate (a friend of SQLMap with additional features)
penetration testing, web application analysis
SQLMate is a tool to perform security assessments and vulnerability of web applications. It can discover admin panels of websites, which might be a way to break into a web application. It also has the option for dorking, which means it can find possible vulnerable targets to a particular attack.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.