Salty Cloud is a Public Benefit Company
Title Image


Home  /  DORKBOT

Automatically Assess Vulnerabilities on High-Risk Web Apps

DORKBOT is an automated website vulnerability scanning service that analyzes search engine caches and discovers possible penetration points. Leveraging these caches allows DORKBOT to focus only on at-risk webpages, and eliminates the lengthy and bandwidth consuming process of spidering entire domain(s).


Just point and go. As a hosted-app, there’s no need to configure and maintain anything on your end.

Verified Vulnerabilities

All vulnerabilities are verified prior to notification so you do not have to waste your team’s time chasing false negatives.

Actionable Results

Security notices include: offending URL, screenshot demonstrating the vulnerability, and remediation instructions.

Protect Your Data

Web Application attacks remain the #1 source of data record breaches.  DORKBOT specifically targets vulnerability types that account for the vast majority of successful breaches (SQLi, LDAP, LFI, RFI, XSS, etc).

Targeted Approach

Get the tech sheet! Learn how DORKBOT was built to discover and cover the web application penetration points that are most likely to be exploited. Find your vulnerabilities before the bad guys do.

University Approved

As of November 2017, DORKBOT has identified and verified thousands of vulnerabilities across 300+ subscribed Higher Education campuses. Dorkbot is currently providing value to both Large and Small as well as Private and Public Institutions. In a recent survey, 53% of Dorkbot users said “Wow – Dorkbot really fills a key gap in my defensive security tool-kit.”

  • XSS
  • SQLi
  • Other


As a Public Benefit Company, Salty Cloud offers significant discounts to higher education and non-profit institutions. Contact us for enterprise pricing.

  • 3k $ Small Business USD - Yearly
  • Up to 100 Pages
  • 5k $ Large Business USD - Yearly
  • Up to 500 Pages

How do I sign up?

It’s simple! Contact us with the form below and include: (1) A list of all TLDs (top level domains) you want covered. (2) Contract address(es) where you would like for the notices to be sent. (3) Your institutions autonomous system number (ASN). If you share an ASN, please provide your CIDR range(s).

powered by Typeform