id: security-txt

info:
  name: security.txt File
  author: bad5ect0r,noraj
  severity: info
  description: File similar to robots.txt but intended to be read by humans wishing to contact a website’s owner about security issues. Often defines a security policy and contact details.
  reference:
    - https://securitytxt.org/
    - https://community.turgensec.com/security-txt-progress-in-ethical-security-research/
  metadata:
    max-request: 2
    shodan-query: http.securitytxt:contact http.status:200
  tags: misc,generic

http:
  - method: GET
    path:
      - "{{RootURL}}/.well-known/security.txt"
      - "{{RootURL}}/security.txt"

    stop-at-first-match: true
    host-redirects: true
    max-redirects: 2

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "Contact:"

      - type: dsl
        dsl:
          - "len(body) <= 1024 && len(body) > 0"

    extractors:
      - type: regex
        group: 1
        regex:
          - '(?mi)Contact:(.*)'

# digest: 4a0a0047304502206f89daa6983e25a1d9a1f288ba8abf8702d8915d8e2dc61aabe89f18233612da0221009c73c9b5f0b221f0644a5af52ccc90863387a662d5ef18ba394560a2c11705a1:922c64590222798bb761d5b6d8e72950