SaltyCloud is a Public Benefit Company

Dorkbot: Discover web app vulnerabilities. Join over 500 universities globally protecting their websites from XSS, SQLi, and other web vulnerabilities.

Discover vulnerabilities across your web domain

Web application attacks are the #1 source of data breaches1.
Today’s websites use a collection of web-applications that help simplify and automate the site building process. However, the same tools that make your website easy to build can also make it easy for unauthorized access to sensitive data or host malicious content.

1. Verizon Data Breach Investigation Report (DBIR) 2018

Protect your entire web domain with Dorkbot

Dorkbot is a program that automates discovery and verification of keyword-based cache searches (also known as “Google Dorking”) to find potential web app vulnerabilities and validate them efficiently.
Automated Application

Just point and go. Dorkbot is a fully hosted and automated application—no need to configure or maintain anything on your end.

Verified Vulnerabilities

Don't waste time with false negatives. Dorkbot automatically tests all vulnerabilities and only notifies you of verified vulnerabilities.

Actionable Results

Take immediate action. Dorkbot's security notices include: offending URL, payload, demonstration of vulnerability and remediation instructions.

Join for Free*

Educational institutions, state/local agencies, and nonprofits can join Dorkbot for free. We only need a few details to get you signed up on the service.

Dorking since 2017

Since its launch in 2017, Dorkbot has grown to support hundreds of universities globally and discover tens of thousands of verified web vulnerabilities.

The University of Texas at Austin Information Security Office created Dorkbot, and they continue to manage the service for the higher education community.


Campuses Enrolled


Vulnerabilities Discovered

Dorkbot gives us good validation of what we do in-house and augments our efforts by doing additional scans that we wish we had the time to do on an ongoing basis.

— Security Analyst at Large Northeastern University

Dorkbot for Everyone

As a public benefit company, we’re committed to cultivating cyber-secure ecosystems by offering significant discounts to educational institutions, state/local agencies, and nonprofits.

Ready to put Dorkbot to work?

Provide the following and we’ll get you started:
(1) List of all TLDs (top level domains) you want covered;
(2) Contact email(s) you would like for the Dorkbot notices to be sent;
(3) Your institution’s autonomous system number (ASN). If you share an ASN, please provide your CIDR range(s).