1. We will be using a program named ‘Work with Dorks’. You can download it here: https://filebin.net/…_by_Ituriel.zip
Please use a virtual machine or sandboxie when running it.
This is how the program looks like:
2. Next step is to get keywords. Most of the dork tutorials just tell you to use a keyword scraper, but it won’t be very efficient. The key is to get keywords that are related to injectable and vulnerable websites.
In this case we will use the most common query to find vulnerable urls, which is
Just google this thing (GOOGLE it, don’t duckduckgo it or yahoo it), and just get all the websites’ names that you find. For example, if you see this site in the query results https:/ /www. finvent. com/details. php?id=20, the keyword would be ‘finvent’. Just make a list of all the websites you find.
Note that if you want to automatize this process, you can contact me on discord and I’ll code it for you
3. Insert your keywords into the program, in the ‘Name of pages’ field.
4. Let’s use a little trick that will assure more HQ results. Instead of just leaving your keywords this way, change them a bit following this format:
keyword name(PUT A SPACE)/(PUT A SPACE)
Make sure to put the spaces the right way.
5. Fill up the ‘page type’ field. It is likely some more general keywords that sum up what the ‘name of pages’ keywords are. For example, if you have a keyword that is about fifa21, put ‘soccergame’ into the page type field. As before, use the same format, which is keyword(space)/(space)
6. Fill up the ‘page type p.2’ field. It is more likely the page format. Here’s a list you can use:
cat/? .phtml? events? products/? site/? .cfm? contact-us? blog/? asp .asp aspx? cfm .cfm .asp? .cgi? .aspx? .flv? .pdf? .jsf? .ashx? .raw? .File? .tss? .blog? .html? .flv? .pdf? .jsf? .jsp? .psml? .raw? .File? .tss? .blog? .htm?
As usual, use the same format for them.
7. Finally, let’s fill the ‘requests’ field, which is what sites type you want to target. I recommend using these:
site:de site:fr site:ca site:ru
This is what your dork should look like:
fifa18 / soccergame / .aspx / site:de
8. Just click ‘Start’ and enjoy your dorks!
Hope you enjoyed this tutorial.