Security.txt file is missing

Description

Kayran has detected that a Security.txt file is missing!
Every site must contain this file, we use it to report and define a standard to which will be helpful for security researchers to disclose security vulnerabilities securely.

The file is designed to make it easier for ethical hackers, researchers, and other finders to reach your organization when they need to report a security vulnerability.

Although there’s no actual risk in not having a Security.txt file, we highly recommend it.

Recommendation

We recommend you to implement this file according to the standard, doing so, will only benefit your site.
Here’s an example made by Google :
https://www.google.com/.well-known/security.txt

References

https://securitytxt.org/

< Return to all Vulnerabilities

Crossing Scripts – XSS

Injections. SQL Injections. Cross-site Scripting (hence the amazing title “Crossing Scripts – XSS”). There all sorts of Injection-Based attacks, if you want to read about

Read More »

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »