Skip to content

eikendev/sectxt

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
src
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

sectxt

The security.txt standard helps us make the Internet more secure.

sectxt lets you work with security.txt files on the command line.

Build status  License  Version  Downloads 

🚀 Installation

cargo install sectxt

📄 Usage

This tool can be used to determine the adoption of the security.txt standard among several domains. You feed it a list of domains and it will tell you which of them implement the standard already.

sectxt < domains.txt

Example

Moz maintains a list of popular websites. Running ./scripts/checktop500 downloads that list, and runs sectxt against it. As a result, you will see which of these websites deploy a security.txt file.

For the shell script to run you need to install xsv, which is another convenient utility by BurntSushi.

👮 Acknowledgments

The idea was shamelessly stolen from inspired by haksecuritytxt. So why did I recreate a tool that already exists? Admittedly, the main motivation was to play around with Rust's new async/await syntax and learn something new. Besides, I wanted to enforce stricter checks for the standard, i.e., the server must answer with the correct Content-Type header, which leads to more accurate results.

About

A tool for working with security.txt files on the command line (with support for probing, parsing and validating) 🚀🔥

Topics

Resources

License

Stars

Watchers

Forks