https://github.com/chorozon666/chad

Chad - Dorking / Website Vulnerability Tool
https://github.com/chorozon666/chad

dork dorking dorking-target dorking-tool dorks google python scrapper scrapper-bot scrapper-script sql vulnerability-detection vulnerability-scanners website-scraper wordpress wordpress-site

Last synced: 2 months ago
JSON representation

Chad - Dorking / Website Vulnerability Tool

• Host: GitHub
• URL: https://github.com/chorozon666/chad
• Owner: Chorozon666
• Created: 2024-12-01T13:05:56.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2024-12-01T13:18:35.000Z (over 1 year ago)
• Last Synced: 2025-03-26T04:17:12.555Z (about 1 year ago)
• Topics: dork, dorking, dorking-target, dorking-tool, dorks, google, python, scrapper, scrapper-bot, scrapper-script, sql, vulnerability-detection, vulnerability-scanners, website-scraper, wordpress, wordpress-site
• Language: Python
• Homepage:
• Size: 13.7 KB
• Stars: 2
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Chad

Chad - Dorking / Website Vulnerability Tool / RDP , VPS Scanning 

Heys wrote this for fun while exploring vulnerable websites and thought it could be a interesting project to build on for the unbelivable amount of sensitive information that is floating around on search engines so chad was born

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⣤⣤⣤⣶⣤⣤⣀⣀⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣴⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣶⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣾⣿⣿⣿⣿⣿⡿⠋⠉⠛⠛⠛⠿⣿⠿⠿⢿⣇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣾⣿⣿⣿⣿⣿⠟⠀⠀⠀⠀⠀⡀⢀⣽⣷⣆⡀⠙⣧⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢰⣿⣿⣿⣿⣿⣷⠶⠋⠀⠀⣠⣤⣤⣉⣉⣿⠙⣿⠀⢸⡆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⣿⣿⣿⠁⠀⠀⠴⡟⣻⣿⣿⣿⣿⣿⣶⣿⣦⡀⣇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢨⠟⡿⠻⣿⠃⠀⠀⠀⠻⢿⣿⣿⣿⣿⣿⠏⢹⣿⣿⣿⢿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣼⣷⡶⣿⣄⠀⠀⠀⠀⠀⢉⣿⣿⣿⡿⠀⠸⣿⣿⡿⣷⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢻⡿⣦⢀⣿⣿⣄⡀⣀⣰⠾⠛⣻⣿⣿⣟⣲⡀⢸⡿⡟⠹⡆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢰⠞⣾⣿⡛⣿⣿⣿⣿⣰⣾⣿⣿⣿⣿⣿⣿⣿⣿⡇⢰⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠘⠀⣿⡽⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⢿⠿⣍⣿⣧⡏⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣷⣿⣿⣿⣿⣿⣿⣿⣿⣷⣮⣽⣿⣷⣙⣿⡟⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡟⣹⡿⠇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠛⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡧⣦⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⡆⠀⠀⠀⠀⠀⠀⠀⠉⠻⣿⣿⣾⣿⣿⣿⣿⣿⣿⡶⠏⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⣀⣠⣤⡴⠞⠛⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠚⣿⣿⣿⠿⣿⣿⠿⠟⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⢀⣠⣤⠶⠚⠉⠉⠀⢀⡴⠂⠀⠀⠀⠀⠀⠀⠀⠀⢠⠀⠀⢀⣿⣿⠁⠀⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠞⠋⠁⠀⠀⠀⠀⣠⣴⡿⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⣾⠀⠀⣾⣿⠋⠀⢠⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⡀⠀⠀⢀⣷⣶⣿⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣆⣼⣿⠁⢠⠃⠈⠓⠦⣄⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⣿⣿⡛⠛⠿⠿⠿⠿⠿⢷⣦⣤⣤⣤⣦⣄⣀⣀⠀⢀⣿⣿⠻⣿⣰⠻⠀⠸⣧⡀⠀⠉⠳⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠛⢿⣿⣆⠀⠀⠀⠀⠀⠀⠀⠀⠈⠉⠉⠙⠛⠿⣦⣼⡏⢻⣿⣿⠇⠀⠁⠀⠻⣿⠙⣶⣄⠈⠳⣄⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠈⠋⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠁⣐⠀⠀⠀⠈⠳⡘⣿⡟⣀⡠⠿⠶⠒⠟⠓⠀⠹⡄⢴⣬⣍⣑⠢⢤⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢀⣀⠐⠲⠤⠁⢘⣠⣿⣷⣦⠀⠀⠀⠀⠀⠀⠙⢿⣿⣏⠉⠉⠂⠉⠉⠓⠒⠦⣄⡀⠀⠀⠀

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠉⠀⠀⠀⠀⠈⣿⣿⣷⣯⠀⠀⠀⠀⠀⠀⠀⠀⠉⠻⢦⣷⡀⠀⠀⠀⠀⠀⠀⠉⠲⣄⠀

⠠⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠘⢦⠀⢹⣿⣏⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢻⣷⣄⠀⠀⠀⠀⠀⠀⠈⠳

⠀⠀⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠁⣸⣿⣿⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⣽⡟⢶⣄⠀⠀⠀⠀⠀

⠯⠀⠀⠀⠒⠀⠀⠀⠀⠀⠐⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢻⣿⣿⣷⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⡄⠈⠳⠀⠀⠀⠀

⠀⠀⢀⣀⣀⡀⣼⣤⡟⣬⣿⣷⣤⣀⣄⣀⡀⠀⠀⠀⠀⠀⠀⠈⣿⣿⡄⣉⡀⠀⠀⠀⠀⠀⠀⠀⢀⠀⠀⠀⠀⠀⣿⣿⣄⠀⣀⣀⡀⠀

-USAGE 

using the -wp-pawn command in the CLI this script uses google dorks to scrape search results for wordpress websites log in / admin pages and saves them to a TXT file 

using the sql-pwn command this scripe uses dorks to scrape google search results for sql dumps and sensitive sql details 

-INSTALLATION 

instalation is easy just set your chromedriver paths and download the requirements in requirements in the txt

Run python art.py to start the script and make your input in the CLI

i encourage using proxies for long term usage , i have added a small amount of anti limiting features like captcha detection and rate limiting detetcion , if the scrapper detects its being limited it will delay requests and change user agent before reconnecting 

NEW UPDATE CHAD-RDP

Chad-RDP Usage Documentation

Overview

Chad-RDP is an automated dorking and scanning tool designed for discovering Remote Desktop Protocol (RDP), Remote Desktop Services (RDS), and Virtual Private Server (VPS) resources using Google dorks. It scrapes search results for URLs matching specific patterns and scans IP-based URLs for additional information like operating system and open ports. The tool is inspired by Chorozon666/Chad and is intended for educational purposes only. Misuse of this tool may violate laws or terms of service.

Features

Google Dorking: Searches for RDP web interfaces, downloadable RDP files, RDP-related log files, and VPS control panels/login pages using predefined dork lists.

IP Scanning: Extracts IP addresses from discovered URLs and performs lightweight OS detection and service scanning using nmap.

Evasion Techniques: Includes user agent rotation and random delays to reduce detection by search engines.

Customizable Output: Saves scraped URLs and scan results to separate files.

Command-Line Interface: Configurable via command-line arguments for flexible operation.

Installation

Prerequisites

Python 3.x: Ensure Python is installed (https://www.python.org/downloads/).

ChromeDriver: Download from https://chromedriver.chromium.org/downloads and place it in your system PATH or specify its path in the script.

nmap: Install the nmap tool:

Linux: sudo apt-get install nmap (Ubuntu/Debian) or equivalent for your distro.

Windows: Download from https://nmap.org/download.html.

macOS: brew install nmap (with Homebrew).

Python Libraries: Install required libraries:pip install selenium python-nmap

Setup

Clone or download the script (chad_rdp_vps.py).

Ensure ChromeDriver is accessible. If not in PATH, modify the setup_driver function to include the path, e.g.:driver = webdriver.Chrome(executable_path='/path/to/chromedriver', options=options)

Verify nmap is installed and accessible from the command line (nmap --version).

Usage

Run the script from the command line with the following syntax:

python chad_rdp_vps.py [options]

Command-Line Arguments

Option

Description

Default

--rdp-web

Search for RDP web interfaces (e.g., RD Web Access, Remote Desktop Web Connection).

Disabled

--rdp-files

Search for downloadable RDP files (e.g., .rdp files).

Disabled

--rdp-logs

Search for log files containing RDP-related information (e.g., port 3389 references).

Disabled

--vps

Search for VPS control panels and login pages (e.g., SolusVM, WHMCS, cPanel).

Disabled

--output

File to save scraped URLs.

results.txt

--scan-output

File to save IP scan results (OS, open ports, services).

scan_results.txt

--pages

Number of Google search result pages to scrape per dork (integer).

5

Example Commands

Search for all categories and scan IPs:

python chad_rdp_vps.py --rdp-web --rdp-files --rdp-logs --vps --output urls.txt --scan-output scans.txt --pages 10

Scrapes URLs for all categories.

Scans IPs found in URLs for OS and services.

Saves URLs to urls.txt and scan results to scans.txt.

Scrapes up to 10 pages per dork.

Search only for RDP web interfaces:

python chad_rdp_vps.py --rdp-web --output rdp_web.txt --pages 5

Scrapes only RDP web interface dorks.

Saves URLs to rdp_web.txt.

Scrapes up to 5 pages per dork.

Search for VPS control panels with custom scan output:

python chad_rdp_vps.py --vps --output vps_urls.txt --scan-output vps_scans.txt --pages 3

Scrapes only VPS-related dorks.

Saves URLs to vps_urls.txt and scan results to vps_scans.txt.

Scrapes up to 3 pages per dork.