TUT How to Use V3n0M-Scanner For Scanning Dorks | Proxyless

hackersguy009

It's a very advanced tool that scans dorks like SQLi Dumper, but V3n0M is faster and so much better!

So, the first step:

Kali Linux: The best way to install and use Kali Linux is to create a Linux virtual machine. To download the virtual machine software, click here: http://download.virtualbox.org/virtualbox/5.2.14/VirtualBox-5.2.14-123301-Win.exe and install it on your PC. Download the .iso of the Windows version you need; here we will use Windows 10, to avoid problems with the license key. To do so, download the media creation tool, select your language, Windows version and 64-bit,



Download Kali Linux: Download the Kali Linux .iso you need from this page: https://www.kali.org/downloads/ ... Open VirtualBox and create a new VM with the "new" button. I suggest giving the VM half of the RAM of your main OS and 20 GB of storage. After the VM has been created, go to the VM options; under the storage panel go to "Controller: Sata" and, next to the "Optical Drive" entry, select "Choose optical disk from file" and pick the .iso you have just downloaded. Now run the virtual machine and follow the installation.



Downloading and installing V3n0M: V3n0M-Scanner is available for free at https://github.com, so we will need the "git" command to download it. To do so, open the terminal and type this command:

Code:

apt-get install git


Once git is installed, download V3n0M with this command:

Code:

git clone https://github.com/v3n0m-Scanner/V3n0M-Scanner.git

Now install these packages to avoid errors related to python. Run the commands below:

Code:

apt-get install python-dev
apt-get install python3-dev
apt-get install python3-bs4

Enter the v3n0m scanner directory using this command:

Code:

cd V3n0M-Scanner/


Finally, we can install V3n0M-Scanner using this command:

Code:

python3 setup.py install --user

3. Running the program, Import The Dork

Before running the program you will need to enter the src directory, so (without exiting the V3n0M-Scanner/ dir) type:

Code:

cd src


Now you can run the program


Code:

python3 v3n0m.py


The main menu will be displayed


If you see that menu, you have successfully installed V3n0M-Scanner! Congratulations!

Before starting to scan your dorks, exit the program (type 0 and press enter).


To load your dorks, first install the nano text editor. To do so, use this command:

Code:

apt-get install nano

Now, (without leaving the src directory) enter the "lists" directory using this command:

Code:

cd lists

In this directory, there is a file called "d0rks". We will edit that file to add your dorks. To edit the "d0rks" file, type this command:

Code:

nano d0rks


You will see some "default" dorks; we are going to delete them all. To delete every default dork, we will use the commands below:

Code:

Ctrl+6 (to set a mark)
Ctrl+/ (to open a little menu)
Ctrl+v (to go to the end of the file)
Ctrl+k (to delete everything)


To add your dorks, copy them and paste them into the nano editor.

You can now exit the nano text editor by typing:

Code:

Ctrl+x
y
press enter

We are now going to rerun the V3n0M-Scanner! Let's get back to the "src" directory:

Code:

cd ..

Type the command we saw before to run the scanner:

Code:

python3 v3n0m.py


Finally, we can start using this program!

4. SCANNING THE DORKS with V3n0M-Scanner


Warning: for security reasons, it is recommended to use a VPN to protect and hide your IP address (you don't have to). If your primary operating system is Windows, you can just turn the VPN on in Windows, outside the VM. You could also use proxies, but they are less-performing. It's also recommended to switch the location periodically, but it's not needed.

In the main menu, select the first option, "Dork and Vuln Scan" (type 1 and press enter).

Now you can choose a target domain for your dorks if you need. Otherwise, just press enter.

Then, the program will ask you how many dorks you want to scan (they will be picked randomly from the d0rks file, 0=all).

After that, you will be asked to choose the number of threads. If you have a decent internet connection (4+ Mb/s), you can use 500 threads with no problem. Otherwise, you can use 250, 100 or anything you want.

Then, you will need to choose the number of pages of the search engine (Bing) to be scanned. I suggest picking 25 or 50.

The engine will start

Hint : don't load too many dorks; if you stop the engine you will lose the results.

IMPORTANT: turn your firewall/antivirus off while V3n0M is running because it will probably make you lose many hits.

After scanning, the engine will stop and you will be asked what to do with the harvested URLs. The best option is number 1 (SQLi Testing), to check for vulnerable sites.

Once you have all the vulnerable sites you can try to make manual injection using SQLMAP (TuT Soon... )

Otherwise, copy all the injectable sites into a text document, then import the injectable sites into SQLi Dumper and scan them! Just keep in mind that you will lose some URLs in SQLi Dumper, because it can't recognize every injection type like SQLMAP does.

Don't forget to leave a like please! Hope you gained some knowledge about the use of V3N0M-SCANNER today!
 
