-
Notifications
You must be signed in to change notification settings - Fork 4
example & Use cases
This page demonstrates practical, real‑world scenarios where Atdork excels.
Every example can be adapted to your own targets, provided you have proper authorization.
Goal: Quickly find exposed PDFs on government websites.
python main.py -q "site:gov filetype:pdf" -r 30 --backend google --safesearch off -o gov_docs.json-
--backend googlegives high‑quality results. -
--safesearch offincludes documents that may be flagged by automated filters. - Results are saved as JSON for further analysis.
Goal: Look for admin login portals, database dumps, and backup files across a company’s subdomains.
python main.py -q "site:example.com inurl:admin OR inurl:login OR filetype:sql OR filetype:bak" -r 50 --delay 1.5 -o bounty_recon.json- A
--delayprevents overwhelming the search engine. - Output is a single JSON file that can be fed into another tool or manually reviewed.
Goal: Conduct a sensitive investigation without revealing your real IP address.
# Ensure Tor is running, then:
python main.py -q "sensitive document filetype:docx" --tor --strict --delay 2 -r 20 -o sensitive.json-
--torautomatically adds the Tor SOCKS5 proxy. -
--strictguarantees that if Tor goes down, the search will fail rather than leak your IP. -
--delay 2adds a polite pause between requests, reducing suspicious traffic patterns.
Goal: Run a set of monitoring dorks every Monday morning and store results in a timestamped folder.
python main.py \
--batch-file weekly_dorks.txt \
--concurrency 3 \
--proxy-file company_proxies.txt \
--output-dir /data/atdork/$(date +%Y-%W) \
--format csv \
--delay 1Contents of weekly_dorks.txt:
site:example.com "internal use only"
site:example.com filetype:env
site:example.com "index of" "/backup"
site:example.com "password"
- 3 threads speed up the scan.
- Results are stored in a folder named after the year and week number.
- CSV format is easy to import into Excel or a database.
Goal: Deliver a clean, spam‑free report to a client after a penetration test.
python main.py -q "target company confidential" --strict-filter -r 50 -o client_report.json-
--strict-filterremoves any result without a meaningful snippet, keeping only pages that actually contain content. - The built‑in spam filter also removes casino, gambling, and obvious SEO spam sites.
- The final JSON is polished and ready to attach to a report.
Goal: Scan 200 dorks against a target with multiple proxies in a short time.
python main.py \
--batch-file all_dorks.txt \
--concurrency 10 \
--max-fallback-failures 5 \
--proxy-file premium_proxies.txt \
--retries 3 \
--timeout 15 \
--output-dir results \
--format json- 10 concurrent workers accelerate the scan.
- If 5 searches fail in a row (e.g., proxies are exhausted), the tool automatically switches to sequential mode to complete the remaining dorks without crashes.
- Generous
--timeoutand--retriescompensate for slower proxies.
Goal: Collect all search results, including potential spam, for a later custom analysis pipeline.
python main.py -q "online pharmacy" --no-validate -r 100 -o raw_results.json-
--no-validatedisables all filtering, preserving every result exactly as the search engine returned it. - Useful if you have your own post‑processing scripts.
Each of these use cases mirrors tasks that security researchers, OSINT analysts, and pentesters perform regularly.
For a complete list of available flags, refer to the Command Reference.