Loading...
Consider supporting the Cybersecurity Operations Center at The University of Texas at Austin.
Donate
orange line art of robot head thinking

Find High-Risk Vulnerabilities in your Web Applications

    1. No Added Cost for Education, State/Local Government, Non-Profits

      The UT Austin Information Security Office’s Dorkbot service identifies high-risk pages using search engine cache, verifies the problem and reports it in real-time.

      1,600 educational institutions, state/local government agencies and other non-profits from 7 continents (and 135 countries) are served by Dorkbot.
       

      Web application attacks are the #1 source of data breaches.

      These exploits are caused by web application vulnerabilities such as SQLi, XSS, LFI, and RFI which collectively account for 9.1% of incidents and 18.6% of breached records1. SQLi and XSS in particular are preferred attack vectors by hackers2. For example, in recent years notable SQLi data breaches have varied from massive credit card breaches, large scale targeted attacks against universities and government agencies, as well as election related web servers and databases.

       

      Say hello to Dorkbot.

      Dorkbot automates the discovery and verification of web application vulnerabilities across entire domains at scale. Specifically, Dorkbot hunts for SQLi, XSS, and other less common vulnerabilities, leveraging search engine cache and other public sources of indexed sites. Once identified vulnerabilities are verified, notices with remediation instructions are automatically sent to your security inbox and you'll receive a monthly summary report of our activities. Since its launch over 2 years ago, Dorkbot coverage has grown to over 1,600 institutions including 99% of the largest doctoral research institutions in the US, 100% of all US HBCUs and most all top institutions of higher education across 135 countries.

       

      These articles have also been written about Dorkbot:

      EDUCAUSE (Feb-2019)

      Austin American Statesman (May-2019)

       

      1. Verizon Data Breach Investigation Report (DBIR) 2018   //   2. The 2019 Hacker Report by hackerone

       

      Dorkbot will automatically detect, verify and report on these vulnerabilities: 

      Code Injection | Cross Site Scripting (XSS) | OS Command Injection | Path Traversal | Remote File Inclusion / Local File Inclusion | SQL Injection (SQLi) | XPath Injection

      2
      Years In Service
      1600
      Unique Institutions Served

      Interested In Dorkbot?

      Dorkbot Inquiry
      Specify which top level domains you would like subscribed for your organization.

      We offer an assortment of information security software and services created and engineered for higher education institutions and enterprises.

      Learn More