[previous] | [main] | [next]

Goolag Scanner released!

| Comments (23)

Krass Katt sez:
Go grab my app! Choke on it, you silly bitches.


SECURITY ADVISORY: The following program may screw a large Internet search engine and make the Web a safer place.

LUBBOCK, TX, February 20th -- Today CULT OF THE DEAD COW (cDc), the world's most attractive hacker group, announced the release of Goolag Scanner, a web auditing tool. Goolag Scanner enables everyone to audit his or her own web site via Google. The scanner technology is based on "Google hacking," a form of vulnerability research developed by Johnny I Hack Stuff. He's a lovely fellow. Go buy him a drink.

"It's no big secret that the Web is the platform," said cDc spokesmodel Oxblood Ruffin. "And this platform pretty much sucks from a security perspective. Goolag Scanner provides one more tool for web site owners to patch up their online properties. We've seen some pretty scary holes through random tests with the scanner in North America, Europe, and the Middle East. If I were a government, a large corporation, or anyone with a large web site, I'd be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious."

Goolag Scanner will be released open source under the GNU Affero General Public license. It is dedicated to the memory of Wau Holland, founder of the Chaos Computer Club, and a true champion of privacy rights and social justice.


Goolag Scanner is a standalone windows GUI based application. It uses one xml-based configuration file for its settings. All dorks coming with the distribution of gS are kept inside one file.

Press Contact
Oxblood Ruffin
oxblood at hacktivismo.com

Edit: digg this shit.


Digg does not like me.

Goolag likes you...

Well dude.. what's the PW of the rar containing the source code?

And did you guys ever heared about bittorrent? :-p
It may would make sense (except of having slow Servers :) )

goolag dot org is offline. Anyone have a copy of the program that they can send to me via email at cindylouwho at thebabecams dot com

Try goolag.net instead; same thing. Torrent coming soon.

Sorry to say...but I don't find this tool very useful. There are much better vunerability scanners out there, but if I just want to scan the available dorks I could write a simple script which does the job and doesn't require Windows, .NET or anything fancy.

Wake up guys! You can do much much better than this!

OMG! I just had a look at the gdorks.xml file...Are you serious? Have you ever heard of data structures? This is lame!

It's very easily useable since it does not require a local proxy like Sensepost Aura but also seems to be still hindered by the google bot captcha problem due to this simplicity...it should probably integrate an API key or something like Aura with Wikto/GHDB...I got blocked in short order.

A new frontend for GHDB?


Interesting app.
Don't forget that computer insecurity is everywhere :


fuckin CDC~
stupid guy~
CDC sucks~
Goolag sucks~

Mother Fucker CDC !!!
Suck my dick~

I understand that the Host string is used as the 'site' parameter in the query. I thought that meant you would only find pages on that host URL that had the dork. However, I'm getting successful queries that have URLs that are unrelated to the host I entered. If you go to the url shown in the successful result you can see the dork string but there's nothing about the host on that page.

For you folks who can't access goolag.org

look on PacketStormSecurity.org for GoolagScanner 1.0.40
It's a .RAR file with the source and self extracting binary. Enjoy!

Ya'll need to make this a .deb for us Linux users.


I visit this web from searching from www.avun.com

You should kiss my ass even for advisory/vulnerability section. You asked to the Johnny community forums if you can do this Windows shit?


hey, where can i put the proxy server. Tools-Options-Proxy address . . . if i'm already ussing proxy just click on *use system default settings* ???

goolag scanner is fail

Nor more Goolag...but check new tools on http://www.akaoma.com

MCAFEE already released a good tool for such dork digging, you can download it from :


If you need to know more information about how to use google hacks, read this article:


Post a comment

If you have a TypeKey or TypePad account, please sign in


Mind viruses. Deadly memes.

cDc site version 666.2.0

All of us in the cDc participate in this site. If you want to complain because this ain't teaching you how to be an 31337 hax0r, you can eat our collective ass. Thx!


RIP Tequila Willy

Tequila Willy
September 7, 1969 - May 25, 2015


December 29, 1951 - June 14, 2012

Memesphere Poopfest

Has the cDc site inspired you to create your OWN? Has it filled you with a desire to go out and create a blog full of beauty and sparkly magic? Or has it driven you to create your own site full of bile, bitterness, and bad sportsmanship?

Click these buttons for red hott daisy chain action!

burn that fuggin' feed

cDc on archive.org cDc on everything2.com cDc on Facebook
cDc Feed on Feedburner cDc on flickr cDc on Last.fm
cDc on Newgrounds cDc on Reddit DSE on twitter
cDc on Wikipedia cDc on YouTube

Kitten Friendly!

Legal Crap

is a registered trademark of
cDc communications.
Use The Name, face The Wrath.

License | Privacy

Wiz Dumb


the internet's #1 white slavery and cockfighting site!

Recent texXxt

414 "How Are You Feeling?" by Oxycolton
413 "Temporary Paralysis: A One-Act Play" by Jake Edward Kara
412 "The Screen Generation" by elliot.pank
411 "The DEFCON 2007 Experience" by Oxycolton, KEMiKAL, and Flack
410 "My Bike" by Lupo

Recent Periodicals

Recent Books

Action! Professor Know It All's Guide to Film and Video

Recent Muzak

Recent grafx

cDc #047
cDc #047
"Sometimes it's just like that."
by Punkle Jones

cDc #046
cDc #046
"I Love a Parade!" by G. Ratte'

- all grafx -

Recent Video

- all video -