FIND HIGH-RISK VULNERABILITIES IN YOUR WEB APPLICATIONS
FREE FOR EDUCATION, STATE/LOCAL GOVERNMENT, NON-PROFITS
UT Austin Information Security Office’s Dorkbot service identifies risky pages using public data, verifies the problem and reports it in real-time.
Over 3,500 educational institutions, state/local government agencies and other non-profits from 7 continents (and 205 countries) are served by Dorkbot.
Web application attacks are the #1 source of data breaches.
These exploits are caused by web application vulnerabilities such as SQLi, XSS, LFI, and RFI which collectively account for 9.1% of incidents and 18.6% of breached records1. SQLi and XSS in particular are preferred attack vectors by hackers2. For example, in recent years notable SQLi data breaches have varied from massive credit card breaches, large scale targeted attacks against universities and government agencies, as well as election related web servers and databases.
Say hello to Dorkbot.
Dorkbot automates the discovery and verification of web application vulnerabilities across entire domains at scale. Specifically, Dorkbot hunts for SQLi, XSS, and other less common vulnerabilities, leveraging search engine cache and other public sources of indexed sites. Once identified vulnerabilities are verified, notices with remediation instructions are automatically sent to your security inbox and you'll receive a monthly summary report of our activities. Since its launch over 2 years ago, Dorkbot coverage has grown to over 3,500 institutions including 99% of the largest doctoral research institutions in the US, 100% of all US HBCUs and most all top institutions of higher education across 205 countries.
These articles have also been written about Dorkbot:
1. Verizon Data Breach Investigation Report (DBIR) 2018 // 2. The 2019 Hacker Report by hackerone
Years in Service
Unique Institutions Served
Verified Vulnerabilities Reported