Open in app

Sign in

Write

Sign in

Hack Google Like a Pro: Automate Google Dorks with Bash for Bug Bounties!

enigma
5 min readSep 12, 2024

--

Introduction:

For bug bounty hunters, Google Dorks are an incredibly powerful way to discover exposed files, misconfigurations, and hidden pages. But, manually running each dork query can be tedious. With automation, this entire process can be done faster, more efficiently, and in bulk!

In this first part of our series, we will focus on creating a Bash script that takes in a target domain, runs multiple Google Dork queries, and outputs clickable links you can open in your browser. This will significantly speed up the reconnaissance phase of your bug bounty hunting process.

Why Automate Google Dorks?

Automating Google Dorks can greatly enhance your bug bounty workflow by:

  • Saving time: No need to enter dorks manually.
  • Increasing accuracy: Make sure you run a full set of predefined queries.
  • Streamlining the process: Clickable links mean less copy-pasting and more efficient browsing.

Instead of searching for exposed files, logins, and sensitive directories one by one, you’ll run a single command in the terminal to generate and open a wide range of dork results.

Writing the Bash Script to Automate Google Dorks

Here’s how to create a script that will generate clickable Google Dorks for your target:

Step 1: Create a New Script File

Open your terminal and create a new Bash script file:

nano GoogleDorks.sh

Step 2: Writing the Script

This is the core part of the script. It allows users to input a target domain, run predefined Google Dorks, and output clickable links:

#!/bin/bash
# Google Dork Automation Script
# Usage: ./GoogleDorks.sh target.com
# Check if a domain was provided
if [ -z "$1" ]; then
    echo "Usage: $0 target.com"
    exit 1
fi
# Set the target domain from the first argument
target=$1
# List of Google Dorks
dorks=(
    "ext:php"
    "inurl:login"
    "inurl:admin"
    "ext:sql"
    "ext:conf"
    "intitle:index.of"
    "ext:bak"
    "ext:log"
    "ext:json"
    "inurl:dashboard"
)
# Loop through each dork and generate a clickable link
echo "Google Dork results for $target:"
for dork in "${dorks[@]}"
do
    # Generate the URL
    url="https://www.google.com/search?q=site:$target+$dork"
    echo $url
done
# Optional: Add instructions for the user to copy and paste into their browser.
echo "Copy and paste the above URLs into your browser or use a tool to open them directly."

Step 3: Making the Script Executable

After writing the script, make it executable:

chmod +x GoogleDorks.sh

Step 4: Running the Script

To use the script, run the following command in the terminal:

./GoogleDorks.sh target.com

Replace target.com with the domain you're investigating. The script will generate clickable Google Dork links that you can paste into your browser or open with a tool.

Automatically Opening Links in the Browser

If you want to take automation one step further, you can modify the script to automatically open each Google Dork link in your default browser. Here’s how to update the script:

#!/bin/bash
# Google Dork Automation Script with Browser Opening
# Usage: ./GoogleDorks.sh target.com
# Check if a domain was provided
if [ -z "$1" ]; then
    echo "Usage: $0 target.com"
    exit 1
fi
# Set the target domain from the first argument
target=$1
# List of Google Dorks
dorks=(
    "ext:php"
    "inurl:login"
    "inurl:admin"
    "ext:sql"
    "ext:conf"
    "intitle:index.of"
    "ext:bak"
    "ext:log"
    "ext:json"
    "inurl:dashboard"
)
# Loop through each dork and open it in the default browser
echo "Google Dork results for $target:"
for dork in "${dorks[@]}"
do
    # Generate the URL
    url="https://www.google.com/search?q=site:$target+$dork"
    echo "Opening $url"
    xdg-open "$url"  # Linux users
    # open "$url"    # macOS users
done

Now, when you run the script, it will automatically open each Google Dork search in your default browser, one by one.

Expanding Your Dork Arsenal

The script can be easily customized by adding more Google Dork queries to the dorks array. Some additional dorks you might want to include are:

"inurl:portal"
    "inurl:index"
    "ext:backup"
    "inurl:config"
    "inurl:wp-content"

You can extend this as much as you want, depending on the type of files, directories, or pages you’re looking for on your target.

Using Bug Bounty Helper for Dork Automation

While this script is great for terminal automation, sometimes you want a visual tool with more functionality. Bug Bounty Helper, the web-based platform shown in the screenshot above, automates not only Google Dorks but also integrates various bug bounty research tools.

In Part 2, we’ll cover how to use Bug Bounty Helper to generate even more dork queries, check historical data with Wayback Machine, and explore other powerful automation techniques.

Full Bash Script:

Here’s the full version of the Bash script that generates clickable Google Dork links and opens them in your browser automatically:

Script that open links automatically in your browser

#!/bin/bash
# Google Dork Automation Script with Browser Opening
# Usage: ./GoogleDorks.sh target.com
# Check if a domain was provided
if [ -z "$1" ]; then
    echo "Usage: $0 target.com"
    exit 1
fi
# Set the target domain from the first argument
target=$1
# List of Google Dorks
dorks=(
    "ext:php"
    "inurl:login"
    "inurl:admin"
    "ext:sql"
    "ext:conf"
    "intitle:index.of"
    "ext:bak"
    "ext:log"
    "ext:json"
    "inurl:dashboard"
)
# Loop through each dork and open it in the default browser
echo "Google Dork results for $target:"
for dork in "${dorks[@]}"
do
    # Generate the URL
    url="https://www.google.com/search?q=site:$target+$dork"
    echo "Opening $url"
    xdg-open "$url"  # Linux users
    # open "$url"    # macOS users
done

Script that open links by CTRL + CLICK

#!/bin/bash

# Google Dork Automation Script for Clickable Links
# Usage: ./GoogleDorks.sh target.com

# Check if a domain was provided
if [ -z "$1" ]; then
    echo "Usage: $0 target.com"
    exit 1
fi

# Set the target domain from the first argument
target=$1

# List of Google Dorks
dorks=(
    "ext:php"
    "inurl:login"
    "inurl:admin"
    "ext:sql"
    "ext:conf"
    "intitle:index.of"
    "ext:bak"
    "ext:log"
    "ext:json"
    "inurl:dashboard"
)

# Loop through each dork and output clickable links
echo "Google Dork results for $target:"
for dork in "${dorks[@]}"
do
    # Generate the URL
    url="https://www.google.com/search?q=site:$target+$dork"
    
    # Print the URL (it will be clickable in most terminals or you can copy it)
    echo -e "\e]8;;$url\e\\Click to search: $dork\e]8;;\e\\"
done

echo "Click on the links above or copy-paste them into your browser."

Conclusion:

By automating Google Dorks with a Bash script, you can streamline your bug bounty hunting process, increase efficiency, and make your recon phase far more productive. This script is simple to set up, easy to extend, and instantly gives you a competitive edge in finding vulnerabilities.

My X.com

Thank You ! So much for reading this article, I hope you like it.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Dorks
Bug Bounty
Bug Bounty Tips
Pentesting
Hacker

--

--

enigma
enigma

Written by enigma

74 Followers
13 Following

Bug hunter | Expert in javascript | Command Line Ninja | Information Technology students

Responses (2)

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams