Automated Dorking for Fun and Pr^wSalary

Presented at BSidesLV 2016, Aug. 3, 2016, 2 p.m. (30 minutes).

A dork is a specialized search engine query which reveals unintentional data leaks and vulnerable server configurations. In order to catalogue vulnerable hosts with minimal manual intervention we're now introducing an open-source framework for grabbing newly published dorks from various sources and continuously executing them in order to establish a database of exposed hosts. A similar project (SearchDiggity, closed source, Windows only) had its latest release in 2013 and the latest blog post was published in 2014.

Presenters:

• Filip Reesalu - Security Researcher - Recorded Future
  Security Researcher @ Recorded Future. Spent a few years in engineering and data science positions before transitioning over to figuring out clever ways to use open source intelligence for defence.

Links:

• https://bsideslv2016.sched.com/event/7ZXm/automated-dorking-for-fun-and-prwsalary
• https://www.youtube.com/watch?v=ZohvYyO8a4k