Automated Dorking for Fun and Pr^wSalary

Presented at BSidesLV 2016, Aug. 3, 2016, 2 p.m. (30 minutes)

A dork is a specialized search engine query which reveals unintentional data leaks and vulnerable server configurations. In order to catalogue vulnerable hosts with minimal manual intervention we're now introducing an open-source framework for grabbing newly published dorks from various sources and continuously executing them in order to establish a database of exposed hosts. A similar project (SearchDiggity, closed source, Windows only) had its latest release in 2013 and the latest blog post was published in 2014.

Presenters:

  • Filip Reesalu - Security Researcher - Recorded Future
    Security Researcher @ Recorded Future. Spent a few years in engineering and data science positions before transitioning over to figuring out clever ways to use open source intelligence for defence.

Links: