Website Hacking

Google Dorking With ATScan

This post is going to talk about how to google dork search using a free tool called ATScan which can be found at github.

What Is ATScan?

ATScan is a free open source Advanced Search / Dork / Mass Exploitation Scanner 

It can be used to scan and crawl the internet for websites which contain vulnerable code such as SQLI, XSS or even command injection, this program can be interactive or command line based.

How To Download & Install ATScan?

Libraries to install

Perl Required.
Works on all platforms.

Download

● git clone https://github.com/AlisamTechnology/ATSCAN
● direct link: https://github.com/AlisamTechnology/ATSCAN

Permissions

cd ATSCAN
chmod +x ./atscan.pl

Installation

chmod +x ./install.sh
./install.sh

Execution

Portable Execution: perl ./atscan.pl
Installed Tool Execution: atscan
Menu: Applications > Web Application analysis > atscan

Uninstall Tool

atscan –uninstall

 

 

Can I Use ATScan In Bug Bounty Programs?

YES!!, bug bounty programs such as openbugbounty.org 

Only accept certain types of vulnerabilities such as XSS (Cross Site Scripting) but, they do not accept SQLI (SQL Injection) so, ATScan can be very useful to use google dorks to find vulnerable websites to report.

Let’s have a quick talk about openbugbounty.org

openbugbouny.org is a bug bounty program that allows ethical hackers to find any website on the WWW (World Wide Web) that is vulnerable to dangerous attacks like XSS, CSRF, Improper Access Control or Open Redirect vulnerabilities once you have found a website you need to report it. The point of this bug bounty program is to keep the World Wide Web safe from the black hats, Quite often you are rewarded which can be quite satisfying for a hacker.

More Tools

Here is a list of google dork searching tools that might be useful for different purposes.

http://egodox.blogspot.com.au/2013/05/list-of-best-dork-scanner.html

 

Heres A Quick Video of ATScan In Action

 

Hope this post was helpful please feel free to comment if you have any questions or if there are any changes or mistakes that need to be made.

Leave a Reply