Skip to content

example & Use cases

Jump to bottom
alzzdev edited this page Jun 11, 2026 · 1 revision

Examples & Use Cases

This page demonstrates practical, real‑world scenarios where Atdork excels.
Every example can be adapted to your own targets, provided you have proper authorization.

1. Basic OSINT Reconnaissance

Goal: Quickly find exposed PDFs on government websites.

python main.py -q "site:gov filetype:pdf" -r 30 --backend google --safesearch off -o gov_docs.json
  • --backend google gives high‑quality results.
  • --safesearch off includes documents that may be flagged by automated filters.
  • Results are saved as JSON for further analysis.

2. Bug Bounty Target Discovery

Goal: Look for admin login portals, database dumps, and backup files across a company’s subdomains.

python main.py -q "site:example.com inurl:admin OR inurl:login OR filetype:sql OR filetype:bak" -r 50 --delay 1.5 -o bounty_recon.json
  • A --delay prevents overwhelming the search engine.
  • Output is a single JSON file that can be fed into another tool or manually reviewed.

3. Anonymous Searching with Tor & Strict Proxy

Goal: Conduct a sensitive investigation without revealing your real IP address.

# Ensure Tor is running, then:
python main.py -q "sensitive document filetype:docx" --tor --strict --delay 2 -r 20 -o sensitive.json
  • --tor automatically adds the Tor SOCKS5 proxy.
  • --strict guarantees that if Tor goes down, the search will fail rather than leak your IP.
  • --delay 2 adds a polite pause between requests, reducing suspicious traffic patterns.

4. Batch Automation for Weekly Reports

Goal: Run a set of monitoring dorks every Monday morning and store results in a timestamped folder.

python main.py \
  --batch-file weekly_dorks.txt \
  --concurrency 3 \
  --proxy-file company_proxies.txt \
  --output-dir /data/atdork/$(date +%Y-%W) \
  --format csv \
  --delay 1

Contents of weekly_dorks.txt:

site:example.com "internal use only"
site:example.com filetype:env
site:example.com "index of" "/backup"
site:example.com "password"
  • 3 threads speed up the scan.
  • Results are stored in a folder named after the year and week number.
  • CSV format is easy to import into Excel or a database.

5. High‑Quality Filtering for Client Deliverables

Goal: Deliver a clean, spam‑free report to a client after a penetration test.

python main.py -q "target company confidential" --strict-filter -r 50 -o client_report.json
  • --strict-filter removes any result without a meaningful snippet, keeping only pages that actually contain content.
  • The built‑in spam filter also removes casino, gambling, and obvious SEO spam sites.
  • The final JSON is polished and ready to attach to a report.

6. Multi‑Threaded Large Scale Scanning

Goal: Scan 200 dorks against a target with multiple proxies in a short time.

python main.py \
  --batch-file all_dorks.txt \
  --concurrency 10 \
  --max-fallback-failures 5 \
  --proxy-file premium_proxies.txt \
  --retries 3 \
  --timeout 15 \
  --output-dir results \
  --format json
  • 10 concurrent workers accelerate the scan.
  • If 5 searches fail in a row (e.g., proxies are exhausted), the tool automatically switches to sequential mode to complete the remaining dorks without crashes.
  • Generous --timeout and --retries compensate for slower proxies.

7. Raw Unfiltered Data Collection

Goal: Collect all search results, including potential spam, for a later custom analysis pipeline.

python main.py -q "online pharmacy" --no-validate -r 100 -o raw_results.json
  • --no-validate disables all filtering, preserving every result exactly as the search engine returned it.
  • Useful if you have your own post‑processing scripts.

Each of these use cases mirrors tasks that security researchers, OSINT analysts, and pentesters perform regularly.
For a complete list of available flags, refer to the Command Reference.

Clone this wiki locally