What is Zeus?
Zeus is an advanced dork searching tool that is capable of bypassing search engine API calls, search engine IP blocking from sending to many requests, search engine captchas, running port scans on the found URL’s IP address, and launching sqlmap through it’s API.
How does Zeus bypass API, captchas, and IP blocking?
First of all, since I was unable to find an exploit to bypass API’s, captchas, and IP blocking; I decided to take a different approach with Zeus. Zeus uses a package called selenium-webdriver, this package automates your web browser and turns it into a “robot browser”. Zeus uses this utility in order to gain the URL from the search engine with the results of the search. From there it will implement your proxies, user-agents, and anything else you choose to use to obfuscate your identity, and parse the HTML of the web page for any URL with a GET(query) parameter, from there it will save the found URL’s to a log file and you can do what you want with them.
Basic overview of Zeus
There are two main arguments (as of now) that you can pass to Zeus. The singular dork search `-d/--dork`, or a list of given dorks (one per line) using the `-l/--dork-list` flag. Examples:
Running a single dork scan:
Running through a dork list:
How do I install Zeus?
Zeus has quite a few requirements:
Firefox web browser is required as of now,, full functionality for most browsers will be added eventually.
If you want to run sqlmap through the URL's you will need sqlmap somewhere on your system.
If you want to run a port scan using nmap on the URL's IP addresses. You will need nmap on your system.
Gecko web driver is required and will be installed the first time you run. It will be added to your /usr/bin so that it can be run in your ENV PATH.
You must be sudo for the first time running this so that you can add the driver to your PATH
selenium-webdriver package is required to automate the web browser and bypass API calls.
requests package is required to connect to the URL, and the sqlmap API
python-nmap package is required to run nmap on the URL's IP addresses
whichcraft package is required to check if nmap and sqlmap are on your system if you want to use them
pyvirtualdisplay package is required to hide the browser display while finding the search URL
Linux operating system is required for now.
To install all requirements you need to do the following:
(optional but highly advised to save searching time) move nmap and sqlmap into your environment PATH, easiest way is to move them into /usr/bin
Run `pip install -r requirements.txt`
For the first run on your system so that the program will successfully unzip the gecko driver, you will need to run `sudo zeus.py`.
That’s it, all dependencies should be installed after that
Using different search engines (default is Google)
Running with proxy and user agent configuration:
Running with verbosity and showing all HTTP requests:
Sending commands to sqlmap: