DorkMe – Tool Designed With The Purpose Of Making Easier The Searching Of Vulnerabilities With Google Dorks

DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.Dependencies pip install -r requirements.txtIt is highly recommended to add more dorks for an effective search, keep reading to see howUsagepython DorkMe.py –helpExamples:python DorkMe.py –url target.com –dorks vulns -v (recommended for test)python DorkMe.py –url target.com –dorks Deprecated,Info -v (multiple dorks)python DorkMe.py –url target.com –dorks all -v (test all)AboutDorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.Any idea, failure etc please report to telegram: blueudpdork folder contains -> dorks to search, result folder contains -> results of DorkMe executionTested in ParrotOS and Kali Linux 2.0Beta VersionRemember DorkMe is beta, to avoid bans DorkMe wait about 1 minute on each request and 3 minutes every 100 requestsAdd DorksIf you want to add new dorks put it in one of the files in the dorks folder (preferable in its category), if it is not, you can add it to mydorks.txt. to add it: in the first line add the dork, in the second the severity: high , medium or low, and finally its description, look at the other files to do it correctlyEXAMPLE:inurl:php?id= [enter]high [enter]SQLi [enter](space)another dorkContact:Telegram: blueudpTwitter: https://twitter.com/blueudpDownload DorkMe

Link: http://feedproxy.google.com/~r/PentestTools/~3/sfavhb6w1YA/dorkme-tool-designed-with-purpose-of.html

Reddit Breach Highlights Limits of SMS-Based Authentication

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security.

Link: https://krebsonsecurity.com/2018/08/reddit-breach-highlights-limits-of-sms-based-authentication/