Google Hacking on Target

Goohak.sh

#!/bin/bash
# + -- --=[GooHak v1.4 by 1N3
# + -- --=[http://crowdshield.com
#
# ABOUT:
# GooHak is a shell script to automatically launch google hacking queries 
# against a target domain to find vulnerabilities and enumerate a target.
#
# DEPENDENCIES:
# iceweasel
# Linux
#
# BHaFSec Modified Version: 
# We've modified the script to allow specifying the browser to use, and
# some additional gdork's we've come up with and use regularly.
#
# - Mike Baker <mike@bhafsec.com> <@_Bike_Maker_>

TARGET="$1"
BROWSER="$2"
DORKSONLY="$3"
OKBLUE='\033[94m'
OKRED='\033[91m'
OKGREEN='\033[92m'
OKORANGE='\033[93m'
RESET='\e[0m'

if [ -z $TARGET ]; then
	echo -e "$OKORANGE + -- --=[http://crowdshield.com$RESET"
	echo -e "$OKORANGE + -- --=[GooHak v1.3b by 1N3$RESET"
	echo -e "$OKORANGE + -- --=[Modified vers. by BHaFSec"
	echo -e "$OKORANGE + -- --=[Usage: goohak <domain> <browser> <dorksonly>$RESET"
	exit
fi

echo -e "Target set to: ${TARGET}"

if [ -z $BROWSER ]; then
	BROWSER='iceweasel'
fi

echo -e "Using browser: ${BROWSER}"

${BROWSER} 2> /dev/null &
sleep 3

if [ -z $DORKSONLY ]; then
	# LOAD WEBSITE IN A WEB BROSER
	$BROWSER http://$TARGET 2> /dev/null
	$BROWSER https://$TARGET 2> /dev/null
	# TCPUTILS
	$BROWSER "http://www.tcpiputils.com/browse/domain/$TARGET" 2> /dev/null
	# NETCRAFT
	$BROWSER "http://toolbar.netcraft.com/site_report?url=$TARGET" 2> /dev/null
	# SHODAN
	$BROWSER "https://www.shodan.io/search?query=$TARGET" 2> /dev/null
	# CENSYS
	$BROWSER "https://www.censys.io/ipv4?q=$TARGET" 2> /dev/null
	# ZONE-H
	$BROWSER "https://www.google.ca/search?q=site:zone-h.org+$TARGET" 2> /dev/null
	# XSSPOSED
	$BROWSER "https://www.xssposed.org/search/?search=$TARGET&type=host" 2> /dev/null
	# PUNKSPIDER
	$BROWSER "https://securityheaders.io/?q=$TARGET" 2> /dev/null
	# SSLLABS
	$BROWSER "https://www.ssllabs.com/ssltest/analyze.html?d=$TARGET" 2> /dev/null
	# HEADER CHECK
	$BROWSER "https://securityheaders.io/?q=$TARGET" 2> /dev/null
fi

sleep 2

# FIND LOGIN PAGES:
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+username+OR+password+OR+login+OR+root+OR+admin" 2> /dev/null
# SEARCH FOR BACKDOORS:
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+inurl:shell+OR+inurl:backdoor+OR+inurl:wso+OR+inurl:cmd+OR+shadow+OR+passwd+OR+boot.ini+OR+inurl:backdoor" 2> /dev/null
# FIND SETUP OR INSTALL FILES:
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+inurl:readme+OR+inurl:license+OR+inurl:install+OR+inurl:setup+OR+inurl:config" 2> /dev/null
# FIND WORDPRESS PLUGINS/UPLOADS/DOWNLOADS:
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+inurl:wp-+OR+inurl:plugin+OR+inurl:upload+OR+inurl:download" 2> /dev/null
# FIND OPEN REDIRECTS:
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+inurl:redir+OR+inurl:url+OR+inurl:redirect+OR+inurl:return+OR+inurl:src=http+OR+inurl:r=http" 2> /dev/null
# FIND FILES BY EXTENSION:
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+ext:cgi+OR+ext:php+OR+ext:asp+OR+ext:aspx+OR+ext:jsp+OR+ext:jspx+OR+ext:swf+OR+ext:fla+OR+ext:xml" 2> /dev/null
# FIND DOCUMENTS BY EXTENSION:
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+ext:doc+OR+ext:docx+OR+ext:csv+OR+ext:pdf+OR+ext:txt+OR+ext:log+OR+ext:bak" 2> /dev/null
# FIND APACHE STRUTS RCE's:
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+ext:action+OR+struts" 2> /dev/null
# FIND PASTEBIN POSTS FOR DOMAIN:
#$BROWSER "https://www.google.ca/search?q=site:.pastebin.com+$TARGET" 2> /dev/null
# FIND EMPLOYEES ON LINKEDIN:
#$BROWSER "https://www.google.ca/search?q=site:.linkedin.com+employees+$TARGET" 2> /dev/null
# FIND ANY FILETYPES THAT MIGHT BE OF INTEREST TO US: doc/x, xls/x, pdf, txt, rtf
# -/.old, -/.bak, -/.orig, etc.
${BROWSER} "https://www.google.ca/search?q=site:.$TARGET+ext:pdf+|+ext:xls+|+ext:xlsx+|+ext:doc+|+ext:docx+|+ext:sql+|+ext:sqlite3+|+ext:zip+|+ext:rar+|+ext:gz+|+ext:gzip+|+ext:tgz+|+ext:tar+|+ext:7zip+|+ext:eml+|+ext:pst+|+ext:cnf+|+ext:conf+|+ext:bak+|+ext:txt+|+ext:ppt+|+ext:pptx+|+ext:rtf+|+ext:rar+|+ext:bak+|+ext:orig+|+ext:old+|+ext:log"