Pagodo: Scraping the web to my leaks related to me

Computer Science
Ronny Coste

What is Pagodo?

Pagodo or Passive Google Dork is a set of scripts that rely on google dorks to find publicly available information indexed by google.
Explanation from Pagodo GitHub repo “Pagodo automates Google searching for potentially vulnerable web pages and applications on the Internet. It replaces manually performing Google dork searches with a web GUI browser.”

How do I use it?

The way I use Pagodo is as a set of scripts to help me find information and leaks related to me. It also helps me understand better how powerful and detailed search can be no wonder why so many people rely on it for OSINT.

What have I learned

After parsing through 20 thousand lines of logs created by Pagodo, I can say that the scripts can find a lot of interesting information that even if I try really hard I don’t think I would have found it. Yeah that obscure or random are some of the websites but after checking the parse log files I notice a pattern and why I got some of those links. What was random and obscure to me was not for Pagodo.
2024-01-29 20:47:26,559 [MainThread ] [INFO] Search ( 1415 / 1447 ) for Google dork [ intitle:" TROJANS" Analysis Report ] using User-Agent 'Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/540.0 (KHTML,like Gecko) Chrome/ Safari/540.0' through proxy '' 2024-01-29 20:47:42,670 [MainThread ] [INFO] Results: 1 URLs found for Google dork: intitle:" TROJANS" Analysis Report 2024-01-29 20:47:42,670 [MainThread][INFO] dork_urls_list: <>
The dork was looking for links or pages that contained TROJANS which in this case was the username of an Instagram account.
Some of the things I uncovered from my analysis

How to use Google dorks and Pagodo?

The repo has some great documentation on how to use it.
opsdiskUpdated Mar 30, 2024