| 0.0.4 |
|
|---|---|
| 0.0.3 |
|
| 0.0.2 |
|
| 0.0.1 |
|
#21 in #domains
13KB
98 lines
New versions of this crate will be published as sectxt to indicate more general functionality.
If you want to take ownership of the name sectxtcov, please reach out to me.
About
This tool can be used to determine the coverage of the security.txt standard among several domains. You feed it a list of domains and it will tell you how many of them implement the standard already.
sectxtcov < domains.txt
The idea was shamelessly stolen from inspired by haksecuritytxt.
So why did I recreate a tool that already exists?
Admittedly, the main motivation was to play around with Rust's new async/await syntax and learn something new.
Besides, I wanted to enforce stricter checks for the standard, i.e., the server must answer with the correct Content-Type header, which leads to more accurate results.
Usage
Mozilla maintains a list of popular websites.
Running ./checktop500 downloads that list, and runs sectxtcov against it.
As a result, you will see how many of these websites deploy a security.txt file.
For the script to run you need to install xsv, which is another convenient utility by BurntSushi.
Dependencies
~6–20MB
~249K SLoC