security-txt
well-known-uris
security-txt | well-known-uris | |
---|---|---|
9 | 2 | |
1,738 | 27 | |
0.0% | - | |
10.0 | 1.8 | |
over 1 year ago | 10 months ago | |
HTML | ||
GNU General Public License v3.0 or later | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
security-txt
- Ask HN: I found a security issue on a (known) website, should I report it? How?
-
Why should you care about the "security.txt" file on your website?
A very, very long article to say "you should have a security.txt file, find an example at https://securitytxt.org/".
-
Ask HN: How to Submit Bugs to Shopify?
https://www.shopify.com/.well-known/security.txt (https://securitytxt.org/ standard)
- Security.txt now mandatory for Dutch government websites
-
Security.txt file now mandatory for Dutch government websites
You are looking in the wrong place. https://securitytxt.org/ proposes to create a text file called security.txt under the .well-known directory of your project.
So, the URL becomes:
- I have gained access to numerous GCloud Organizations by accident
-
I reported an IT security issue to Ecoflow and have been incredibly frustrated with the process
This is great. Would you please also implement RFC 9116 (https://www.rfc-editor.org/rfc/rfc9116 or https://securitytxt.org) and give ever security researcher the chance to get in contact with you.
- [ENG] KeePass 2.X Master Password Dumper (CVE-2023-32784)
-
We should start to add “ai.txt” as we do for “robots.txt”
security.txt https://github.com/securitytxt/security-txt :
> security.txt provides a way for websites to define security policies. The security.txt file sets clear guidelines for security researchers on how to report security issues. security.txt is the equivalent of robots.txt, but for security issues.
Carbon.txt:
> A proposed convention for website owners and digital service providers to demonstrate that their digital infrastructure runs on green electricity.
"Work out how to make it discoverable - well-known, TXT records or root domains" https://github.com/thegreenwebfoundation/carbon.txt/issues/3... re: JSON-LD instead of txt, signed records with W3C Verifiable Credentials (and blockerts/cert-verifier-js)
well-known-uris
-
We should start to add “ai.txt” as we do for “robots.txt”
https://github.com/protocol-registries/well-known-uris
- How does one register a new “Well-known URI” with the IANA?
What are some alternatives?
carbon.txt - A proposed convention for making it possible demonstrate that your infrastucture uses green power
liwasc - List, wake and scan nodes in a network.
keepass-password-dumper - Original PoC for CVE-2023-32784
datatxt-spec - data.txt: Specification
bugbounty-resources
osv.dev - Open source vulnerability DB and triage service.
opengraph - A python module to parse the Open Graph Protocol
joystick - A full-stack JavaScript framework for building stable, easy-to-maintain apps and websites.
web-security-map