0.0.4 |
|
---|---|
0.0.3 |
|
0.0.2 |
|
0.0.1 |
|
#21 in #domains
13KB
98 lines
New versions of this crate will be published as sectxt to indicate more general functionality.
If you want to take ownership of the name sectxtcov
, please reach out to me.
About
This tool can be used to determine the coverage of the security.txt standard among several domains. You feed it a list of domains and it will tell you how many of them implement the standard already.
sectxtcov < domains.txt
The idea was shamelessly stolen from inspired by haksecuritytxt.
So why did I recreate a tool that already exists?
Admittedly, the main motivation was to play around with Rust's new async
/await
syntax and learn something new.
Besides, I wanted to enforce stricter checks for the standard, i.e., the server must answer with the correct Content-Type
header, which leads to more accurate results.
Usage
Mozilla maintains a list of popular websites.
Running ./checktop500
downloads that list, and runs sectxtcov
against it.
As a result, you will see how many of these websites deploy a security.txt
file.
For the script to run you need to install xsv, which is another convenient utility by BurntSushi.
Dependencies
~6–20MB
~249K SLoC