All techniques that I describe in this blog are only for educational & ethical vulnerability research purposes. The author is not responsible for any misuse!

🌐 Site: zoomeye.ai

After banging my head for a couple of days looking for more dork-crafting ideas, I came up with the simple and easy technique described at the end.

ZoomEye Dorks

http.body="InvalidOperationException"
title="DisallowedHost at /"
http.body="DisallowedHost"
title="ModuleNotFoundError at /"
http.body="MongoError"

🤑 Extract all keywords for dorking from Nuclei Public Templates

First, update the nuclei templates to fetch the latest versions

# update nuclei templates
nuclei -ut

Find the location where the templates were downloaded

locate nuclei-templates
cd /path/to/nuclei-templates
# relative to the templates directory (no leading slash)
cd file/logs/

Extract all matcher keywords present in the YAML templates (the pattern picks up every single-quoted list item)

grep -rhoP "^\s*-\s*'[^']+'" . --include="*.yaml" | sed -E "s/^\s*-\s*'([^']+)'/\1/"

Build the dork syntax directly from the same output

grep -rhoP "^\s*-\s*'[^']+'" . --include="*.yaml" | sed -E "s/^\s*-\s*'([^']+)'/http.body=\"\1\"/"

Save the dorks into a file

grep -rhoP "^\s*-\s*'[^']+'" . --include="*.yaml" | sed -E "s/^\s*-\s*'([^']+)'/http.body=\"\1\"/" > zoomeye_dorks.txt
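
To see whether your own services would show up under these dorks, the keyword file from the extraction step can be run against response bodies saved from hosts you operate. This is an added example, not part of the original post; `leak_hits`, `make_sample` and all file names are assumptions, and the sample data is constructed.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): check saved response bodies from
# your own services for the error strings these dorks search for.

# leak_hits KEYWORD_FILE RESPONSE_DIR
# Prints one "relative/path<TAB>keyword" line per keyword found in a file.
leak_hits() {
    local keywords=$1 dir=${2%/} kw file
    while IFS= read -r kw || [ -n "$kw" ]; do
        [ -n "$kw" ] || continue   # a blank pattern would match every file
        # -F literal match, -l file names only, -r recurse, -- ends options.
        # grep exits 1 on "no match"; that is not an error here.
        { grep -rlF -- "$kw" "$dir" 2>/dev/null || true; } |
            while IFS= read -r file; do
                printf '%s\t%s\n' "${file#"$dir"/}" "$kw"
            done
    done < "$keywords" | sort -u
}

# make_sample DIR: constructed keyword list and response bodies for the demo.
make_sample() {
    mkdir -p "$1/responses"
    printf '%s\n' 'InvalidOperationException' 'DisallowedHost' \
        'ModuleNotFoundError' 'MongoError' '' > "$1/keywords.txt"
    printf '<title>DisallowedHost at /</title>\n' > "$1/responses/django.html"
    printf '{"error":"MongoError: connection refused"}\n' > "$1/responses/api.json"
    printf '<h1>Something went wrong</h1>\n' > "$1/responses/generic.html"
}

# Demo run on the constructed data: lists the two leaking responses.
sample_dir=$(mktemp -d)
make_sample "$sample_dir"
leak_hits "$sample_dir/keywords.txt" "$sample_dir/responses"
rm -rf "$sample_dir"
```

Any file it lists is returning a framework or database error page to clients; switching off debug mode and serving a generic error page removes the string that the dork matches.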

🤖 ChatGPT Prompt Ideas for Mass Automation


🙂 Enjoy this mass hunting technique


You can apply the same mass hunting technique to any other bug, provided that you have the API key :)

Disadvantage: As always, only the first hunter to report wins; if your report is a duplicate, the credits used for the API calls are successfully wasted 🙂