id: security-txt

info:
  name: security.txt File
  author: bad5ect0r,noraj
  severity: info
  description: |
    File similar to robots.txt but intended to be read by humans wishing to contact a website’s owner about security issues. Often defines a security policy and contact details.
  reference:
    - https://securitytxt.org/
    - https://community.turgensec.com/security-txt-progress-in-ethical-security-research/
  metadata:
    verified: true
    max-request: 2
    shodan-query: http.securitytxt:contact http.status:200
  tags: miscellaneous,misc,generic

http:
  - method: GET
    path:
      - "{{RootURL}}/.well-known/security.txt"
      - "{{RootURL}}/security.txt"

    stop-at-first-match: true
    redirects: true
    max-redirects: 2
    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Contact:"
          - "Expires:"
        condition: or

      - type: dsl
        dsl:
          - "len(body) <= 4096 && len(body) > 0"

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        group: 1
        regex:
          - '(?mi)Contact:(.*)'
# digest: 490a004630440220155493090c6461556ae454cb23957df38e29e3b34372a4643d9450a814488fb002202cacea1e052b5f876ea3312d499ba930e2ee6cab08d9b7c269d83cd0f32c9b6b:922c64590222798bb761d5b6d8e72950