/safe-harbour

security.txt collection of most popular world-wide domains

MIT LicenseMIT

Safe HarbourTweet

security.txt collection of most popular world-wide domains

"When security risks in web services are discovered by independent security researchers who understand the severity of the risk, they often lack the channels to disclose them properly. As a result, security issues may be left unreported. security.txt defines a standard to help organizations define the process for security researchers to disclose security vulnerabilities securely.” - securitytxt.org

Our aim with this project is to:

  • Help the community with the information where to submit vulnerabilities for the most popular websites
  • Bring more attention to security.txt policies and their significance
  • Have comprehensive research of the top 10000 websites and per country on the current security.txt posture and its improvements over time

Statistics (Top 10000) - top.csv


How it works

Safe Harbour

TB; DZ (Too big; didn't zoom)

  • Get the list of countries and their tlds from country-tld.txt file.
  • For each country (by using file-splitter)

Note: As described, almost everything in this repository is generated automatically. We carefully designed the workflows (and continue to develop them) to ensure the results are as accurate as possible.

Contribution

All contributions/ideas/suggestions are welcome! If you want to add/edit a target/workflow, feel free to create a new ticket via GitHub issues, tweet at us @trick3st, or join the conversation on Discord.

Build your own workflows!

We believe in the value of tinkering. Get Access to the Trickest platform to customize this workflow to your use case, get access to many more workflows, or build your own from scratch!