diff --git a/assets-updated-train/img/backup.png b/assets-updated-train/img/backup.png new file mode 100644 index 0000000..beddedc Binary files /dev/null and b/assets-updated-train/img/backup.png differ diff --git a/assets-updated-train/img/cert.png b/assets-updated-train/img/cert.png new file mode 100644 index 0000000..552e0d9 Binary files /dev/null and b/assets-updated-train/img/cert.png differ diff --git a/assets-updated-train/img/cms.png b/assets-updated-train/img/cms.png new file mode 100644 index 0000000..4ed36d0 Binary files /dev/null and b/assets-updated-train/img/cms.png differ diff --git a/assets-updated-train/img/config.jpg b/assets-updated-train/img/config.jpg new file mode 100644 index 0000000..6a61374 Binary files /dev/null and b/assets-updated-train/img/config.jpg differ diff --git a/assets-updated-train/img/directory.png b/assets-updated-train/img/directory.png new file mode 100644 index 0000000..63b6310 Binary files /dev/null and b/assets-updated-train/img/directory.png differ diff --git a/assets-updated-train/img/directory.png.crdownload b/assets-updated-train/img/directory.png.crdownload new file mode 100644 index 0000000..f6a453c Binary files /dev/null and b/assets-updated-train/img/directory.png.crdownload differ diff --git a/assets-updated-train/img/pastbin.jpg b/assets-updated-train/img/pastbin.jpg new file mode 100644 index 0000000..e032091 Binary files /dev/null and b/assets-updated-train/img/pastbin.jpg differ diff --git a/assets-updated-train/img/ssltest.png b/assets-updated-train/img/ssltest.png new file mode 100644 index 0000000..d39f3ea Binary files /dev/null and b/assets-updated-train/img/ssltest.png differ diff --git a/assets-updated-train/img/stackoverflow.png b/assets-updated-train/img/stackoverflow.png new file mode 100644 index 0000000..f682589 Binary files /dev/null and b/assets-updated-train/img/stackoverflow.png differ diff --git a/assets-updated-train/img/subdomain.png b/assets-updated-train/img/subdomain.png new file mode 100644 index 0000000..5a52eae Binary files /dev/null and b/assets-updated-train/img/subdomain.png differ diff --git a/assets-updated-train/img/wpsearch.jpg b/assets-updated-train/img/wpsearch.jpg new file mode 100644 index 0000000..cb869d4 Binary files /dev/null and b/assets-updated-train/img/wpsearch.jpg differ diff --git a/assets/bootstrap/js/app.js b/assets/bootstrap/js/app.js index d7aa26b..2f5e585 100644 --- a/assets/bootstrap/js/app.js +++ b/assets/bootstrap/js/app.js @@ -1,27 +1,29 @@ const input = document.getElementById("domain"); const form = document.querySelector('form'); -const revereip = document.getElementById("l1"); -const shodan = document.getElementById("link2"); -const github = document.getElementById("link3"); -const loginpages = document.getElementById("link4"); -const secheader = document.getElementById("link5"); -const waybackmachine = document.getElementById("link6"); -const ssltest = document.getElementById("link7"); -const wordpresssearch = document.getElementById("link8"); -const wordpresscontents = document.getElementById("link9"); -const whatcms = document.getElementById("link10"); -const pastbin = document.getElementById("link11"); -const stackoverflow = document.getElementById("link12"); -const s3buckets = document.getElementById("link13"); -const subdomains = document.getElementById("link14"); -const phpinfo = document.getElementById("link15"); -const backupfiles = document.getElementById("link16"); -const configlogfiles = document.getElementById("link17"); -const certsh = document.getElementById("link18"); -const directorylisting = document.getElementById("link19"); -const passwordfiles = document.getElementById("link20"); -const robots = document.getElementById("link21"); -const openredirect = document.getElementById("open"); + + +const revereip = document.getElementById("l1"); //done2 +const shodan = document.getElementById("link2"); //done2 +const github = document.getElementById("link3"); //done2 +const loginpages = document.getElementById("link4"); //done2 +const secheader = document.getElementById("link5"); //done2 +const waybackmachine = document.getElementById("link6"); //done2 +const ssltest = document.getElementById("link7"); //done2 +const wordpresssearch = document.getElementById("link8"); //done2 +const wordpresscontents = document.getElementById("link9"); //done2 +const whatcms = document.getElementById("link10"); //done2 +const pastbin = document.getElementById("link11"); //done2 +const stackoverflow = document.getElementById("link12"); //done2 +const s3buckets = document.getElementById("link13"); //done2 +const subdomains = document.getElementById("link14"); //done2 +const phpinfo = document.getElementById("link15"); //done2 +const backupfiles = document.getElementById("link16"); //done2 +const configlogfiles = document.getElementById("link17"); //done2 +// const certsh = document.getElementById("link18"); +const directorylisting = document.getElementById("directory1"); //done1 +const passwordfiles = document.getElementById("passwd1"); //done1 +const robots = document.getElementById("robot1"); //done1 +const openredirect = document.getElementById("open1"); //done1 form.addEventListener('submit', function(event) { @@ -32,7 +34,7 @@ form.addEventListener('submit', function(event) { loginpages.href = `https://www.google.com/search?q=site:${input.value} inurl:login | inurl:signin | intitle:Login | intitle: signin | inurl:auth`; secheader.href = `https://securityheaders.com/?q=${input.value}&followRedirects=on`; waybackmachine.href = `https://web.archive.org/web/*/${input.value}/*`; - ssltest.href = `https://www.ssllabs.com/ssltest/analyze.html?d=${input.value}`; + ssltest.href = `https://www.ssllabs.com/ssltest/analyze.html?d=${input.value}&latest`; wordpresssearch.href = `http://wwwb-dedup.us.archive.org:8083/cdx/search?url=${input.value}/&matchType=domain&collapse=digest&output=text&fl=original,timestamp&filter=urlkey:.*wp[-].*&limit=1000000&xx=`; wordpresscontents.href = `https://google.com/search?q=site:${input.value} inurl:wp- | inurl:wp-content | inurl:plugins | inurl:uploads | inurl:themes | inurl:download`; whatcms.href = `https://whatcms.org/?s=${input.value}`; @@ -43,7 +45,7 @@ form.addEventListener('submit', function(event) { phpinfo.href = `https://google.com/search?q=site:${input.value} ext:php intitle:phpinfo 'published by the PHP Group'`; backupfiles.href = `https://www.google.com/search?q=site:${input.value} ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup`; configlogfiles.href = `https://www.google.com/search?q=site:${input.value} ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini | ext:log`; - certsh.href = `https://crt.sh/?q=${input.value}`; + // certsh.href = `https://crt.sh/?q=${input.value}`; directorylisting = `https://www.google.com/search?q=site:${input.value} intitle:index.of | 'parent directory'`; passwordfiles = `https://www.google.com/search?q=site:${input.value} 'password' filetype:doc | filetype:pdf | filetype:docx | filetype:xls | filetype:dat | filetype:log`; robots.href = `https://www.google.com/search?q=${input.value}+robots.txt`; diff --git a/assets/css/styles.css b/assets/css/styles.css index 6e3ea2a..dd22bef 100644 --- a/assets/css/styles.css +++ b/assets/css/styles.css @@ -6,7 +6,7 @@ body{ background-color: #0d0030; } -.searchcontainer{ +/* .searchcontainer{ left: 50%; bottom: 50%; transform: translate(-50%,50%); @@ -22,7 +22,7 @@ table{ .searchcontainer input{ width: 400px; padding: 10px; - /* padding: 0 10px; */ + padding: 0 10px; border: none; outline: none; background-color: transparent; @@ -32,11 +32,51 @@ table{ } .searchcontainer input::placeholder{ color: white; -} +} */ .searchcontainer i{ cursor: pointer; } +.searchcontainer { + display: inline-block; /* flex*/ + justify-content: center; + align-items: center; + margin: 0 20px; + } + + table { + border: none; + } + + input[type="text"] { + padding: 5px; + width: 300px; + font-size: 16px; + border-radius: 5px; + border: none; + box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.2); + margin-right: 10px; + } + + input[type="submit"] { + padding: 5px; + border-radius: 5px; + border: none; + background-color: rgba(42, 87, 107, 1); + color: white; + font-size: 16px; + cursor: pointer; + box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.2); + transition: all 0.3s ease-in-out; + } + + input[type="submit"]:hover { + background-color: white; + color: rgba(42, 87, 107, 1); + box-shadow: 0px 4px 4px rgba(0, 0, 0, 0.2); + } + + #myBtn { display: none; @@ -58,3 +98,29 @@ table{ background-color: #555; } + .ribbon { + background-color: #a00; + overflow: hidden; + white-space: nowrap; + position: absolute; + right: -50px; + top: 40px; + transform: rotate(45deg); + box-shadow: 0 0 10px #888; + } + + .ribbon a { + border: 1px solid #faa; + color: #fff; + display: block; + font: bold 81.25% "Helvetica Neue", Helvetica, Arial, sans-serif; + margin: 1px 0; + padding: 10px 50px; + text-align: center; + text-decoration: none; + text-shadow: 0 0 5px #444; + } + + .ribbon a:hover{ + color: black; + } \ No newline at end of file diff --git a/data.json b/data.json deleted file mode 100644 index 6e1da78..0000000 --- a/data.json +++ /dev/null @@ -1,127 +0,0 @@ -{ - "0":{ - "img":"images/01.png", - "name":"Open Redirect", - "link":"https://www.google.com/search?q=site:domainname%20inurl:redir%20|%20inurl:url%20|%20inurl:redirect%20|%20inurl:return%20|%20inurl:src=http%20|%20inurl:r=http" - }, - "1":{ - "img":"images/02.png", - "name":"Robot txt", - "link":"https://www.google.com/search?q=domainname+robots.txt" - }, - "2":{ - "img":"images/03.png", - "name":"Password files", - "link":"https://www.google.com/search?q=site:domainname 'password' filetype:doc | filetype:pdf | filetype:docx | filetype:xls | filetype:dat | filetype:log" - }, - "3":{ - "img":"images/04.jpg", - "name":"Directory Listing", - "link":"https://www.google.com/search?q=site:domainname intitle:index.of | 'parent directory'" - }, - "4":{ - "img":"images/05.png", - "name":"Database related", - "link":"https://www.google.com/search?q=site:domainname intext:'sql syntax near' | intext:'syntax error has occurred' | intext:'incorrect syntax near' | intext:'unexpected end of SQL command' | intext:'Warning: mysql_connect()' | intext:'Warning: mysql_query() | intext:'Warning: pg_connect()' | filetype:sqlext:sql | ext:dbf | ext:mdb" - }, - "5":{ - "img":"images/06.png", - "name":"Config and log files", - "link":"https://www.google.com/search?q=site:domainname ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini | ext:log" - }, - "6":{ - "img":"images/07.png", - "name":"Backup files", - "link":"https://www.google.com/search?q=site:domainname ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup" - }, - "7":{ - "img":"images/08.png", - "name":"Login Pages", - "link":"https://www.google.com/search?q=site:domainname inurl:login | inurl:signin | intitle:Login | intitle: signin | inurl:auth" - }, - "8":{ - "img":"images/09.png", - "name":"phpinfo()", - "link":"https://google.com/search?q=site:domainname ext:php intitle:phpinfo 'published by the PHP Group'" - }, - "9":{ - "img":"images/10.png", - "name":"Search in GitHub", - "link":"https://github.com/search?q=domainname" - }, - "10":{ - "img":"images/11.png", - "name":"Find subdomains", - "link":"https://google.com/search?q=site:*.domainname" - }, - "11":{ - "img":"images/12.png", - "name":"Reverse ip lookup", - "link":"https://viewdns.info/reverseip/?host=domainname&t=1" - }, - "12":{ - "img":"images/13.png", - "name":"Search in crt.sh", - "link":"https://crt.sh/?q=domainname" - }, - "13":{ - "img":"images/14.png", - "name":"S3 Bucket", - "link":"https://google.com/search?q=site:.s3.amazonaws.com 'domainname'" - }, - "14":{ - "img":"images/15.png", - "name":"Search in StackOverflow", - "link":"https://google.com/search?q=site:stackoverflow.com 'domainname'" - }, - "15":{ - "img":"images/16.png", - "name":"Search in pasting sites", - "link":"https://google.com/search?q=site:pastebin.com | site:paste2.org | site:pastehtml.com | site:slexy.org | site:snipplr.com | site:snipt.net | site:textsnip.com | site:bitpaste.app | site:justpaste.it | site:heypasteit.com | site:hastebin.com | site:dpaste.org | site:dpaste.com | site:codepad.org | site:jsitor.com | site:codepen.io | site:jsfiddle.net | site:dotnetfiddle.net | site:phpfiddle.org | site:ide.geeksforgeeks.org | site:repl.it | site:ideone.com | site:paste.debian.net | site:paste.org | site:paste.org.ru | site:codebeautify.org | site:codeshare.io | site:trello.com 'domainname'" - }, - "16":{ - "img":"images/17.png", - "name":"What CMS?", - "link":"https://whatcms.org/?s=domainname" - }, - "17":{ - "img":"images/18.png", - "name":"WordPress Contents", - "link":"https://google.com/search?q=site:domainname inurl:wp- | inurl:wp-content | inurl:plugins | inurl:uploads | inurl:themes | inurl:download" - }, - "18":{ - "img":"images/18.png", - "name":"Wordpress deep search", - "link":"http://wwwb-dedup.us.archive.org:8083/cdx/search?url=domainname/&matchType=domain&collapse=digest&output=text&fl=original,timestamp&filter=urlkey:.*wp[-].*&limit=1000000&xx=" - }, - "19":{ - "img":"images/19.png", - "name":"Vulnerable search string", - "link":"https://google.com/search?q=site:domainname inurl:php?=id1 | inurl:index.php?id= | inurl:pageid= | inurl:.php?" - }, - "20":{ - "img":"images/20.png", - "name":"SSL Server Test", - "link":"https://www.ssllabs.com/ssltest/analyze.html?d=domainname" - }, - "21":{ - "img":"images/21.svg", - "name":"Search in Wayback Machine(Internet Archive)", - "link":"https://web.archive.org/web/*/domainname/*" - }, - "22":{ - "img":"images/22.png", - "name":"Search in Shodan.io", - "link":"https://www.shodan.io/search?query=domainname" - }, - "23":{ - "img":"", - "name":"Search in //grep.app", - "link":"https://grep.app/search?q=domainname" - }, - "24":{ - "img":"images/23.png", - "name":"Check Security Headers", - "link":"https://securityheaders.com/?q=domainname&followRedirects=on" - } -} \ No newline at end of file diff --git a/index.html b/index.html index 5bb61d8..dac0667 100644 --- a/index.html +++ b/index.html @@ -39,37 +39,28 @@
-
@@ -193,7 +184,7 @@

Security header-check

Security headers are directives used by web applications to configure security defenses in web browsers. Based on these directives, browsers can make it harder to exploit client-side vulnerabilities

- sec-header dork🕶️ @@ -215,7 +206,7 @@

Wayback machine



A digital archive of the WEB, to find sensitive or interesting information about a organization that was previously publicly accessible.

- Wayback searech💀 @@ -231,7 +222,7 @@

Wordpress Content search🔍

WordPress websites "wp-content" directory exposed and publicly accessible may contain vulnerabilities or sensitive information

- wpcontent-dork🚀 @@ -247,7 +238,7 @@

AWS S3 Buckets

a search query used to find Amazon Simple Storage Service (S3) buckets that are misconfigured and publicly accessible.

- aws s3-recon⚡ @@ -267,7 +258,7 @@

robot.txt searech💀 Cyberaces

find files named "robots.txt" on websites, which are used to control access to a website's pages by search engine crawlers and other automated agents

- robots.txt @@ -283,7 +274,7 @@

phpinfo

search query used to find websites that have the PHP "phpinfo" page publicly accessible. The PHP "phpinfo" page displays information about the server's PHP configuration

- phpinfo @@ -299,7 +290,7 @@

password files dork💥

used to find files that contain passwords on websites. These files can be in various formats, such as plaintext, CSV, or database files.

- hunt for pass-files @@ -308,6 +299,184 @@

+
+
+
+
+
+
+
+

SSL Test

+



SSL testing is a process of evaluating the security of the SSL (Secure Socket Layer) protocol implementation on a web server.

+
Check for SSL certificate +
+
+
+
+
+
+
+
+
+

Wordpress Dork 😈 +

+

A "deep search dork" in the context of web application penetration testing refers to a search query used to find vulnerable WordPress websites.

+
Hunt for vulnerable Wp-sites +
+
+
+
+
+
+
+
+
+

What-CMS? +

+

CMS is a software platform that provides a framework for managing, organizing, and publishing web content, such as text, images, and videos.

+
what-cms-search⚡ +
+
+
+
+ +
+
+
+
+
+
+
+
+

Pastbin Lookup + Cyberaces

+

Pastebin lookup is a process of searching the popular online text storage website Pastebin for sensitive information that may have-been leaked

+
Pastbin-lookup +
+
+
+
+
+
+
+
+
+

dork-through stack-overflow

+

search query to find vulnerable webapp's is often used by security researchers and attackers to find vulnerabilities that can be exploited

+

+
stackoverflow dork💥 +
+
+
+
+
+
+
+
+
+

Subdomain CHECK 🕶️ +

+

a search query used to find subdomains of a particular domain. This type of search query is often used by security researchers and attackers to identify additional targets within a domain

+
subdoamin-enum +
+
+
+
+
+ + + + +
+
+
+
+
+
+
+
+

config files dork💥 + Cyberaces

+

search query used to find sensitive configuration files that may have been accidentally leaked. These may contain sensitive data such as login credentials, server configurations,

+
Backup files dork +
+
+
+
+
+
+
+
+
+

backup-files dork

+

a search query used to find backup files that may have been accidentally leaked online. These files can contain sensitive information such as source code, database backups,

+

+
config-fiels dork +
+
+
+
+
+
+
+
+
+

Directory Listing +

+

a search query used to find web directories that have directory listing enabled, allowing directory contents to be listed and browsed.

+
Directory-listing-dork +
+
+
+
+
+ + + + + + + + + + + + + + +