If you wish to exclude your IP address from further scans, please send an email to 433498 [at] mail.muni.cz.

Goals of research
=================
- find out whether each target has a security.txt file published
- find out which SSL and TLS protocols are supported by the target's web server
- find out whether any irregular files or folders are publicly accessible (.git folder, config.php file and a few more files that can be a security risk if mistakenly published)

Techniques of the scan
======================
- the entire scan is noninvasive (no "hacking" or pentesting involved); there will be only HTTP GET requests and a few TLS connections
- the first goal takes only two GET requests per target, to example.com/security.txt and example.com/.well-known/security.txt
- the second goal takes a few TLS connections (I will see which protocols I am offered and then close the connection)
- the third goal takes one GET request per file/folder, up to 5 requests per target
- between requests there is a randomly generated waiting time so as not to stress the target server (each scan can therefore take from 15 seconds up to two minutes)
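
For operators who see this scanner in their logs, the following added example (not the scanner's own code) checks whether HTTP requests from the scanner address given on this page match the behaviour declared above. It assumes a common/combined-format access log covering a single scan of one host; the function name and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter

SCANNER_IP = "139.162.254.85"            # scanner address stated on this page
SECURITY_TXT = {"/security.txt", "/.well-known/security.txt"}
MAX_FILE_PROBES = 5                      # "up to 5 requests per target"

# Start of a common/combined log line: ip ident user [time] "METHOD path proto" status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def audit(lines, scanner_ip=SCANNER_IP):
    """Count the scanner's requests per goal and list deviations from the
    declared profile. TLS-only connections never reach an HTTP access log."""
    counts, deviations = Counter(), []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group(1) != scanner_ip:
            continue                     # unparsable line or another client
        method, path = m.group(2), m.group(3).split("?", 1)[0]
        if method != "GET":
            counts["non_get"] += 1
            deviations.append(f"non-GET request: {method} {path}")
        elif path in SECURITY_TXT:
            counts["security_txt"] += 1
        else:
            counts["file_probe"] += 1
    if counts["security_txt"] > len(SECURITY_TXT):
        deviations.append("more than two security.txt requests")
    if counts["file_probe"] > MAX_FILE_PROBES:
        deviations.append("more than five file/folder requests")
    return counts, deviations

# Constructed sample lines (not real traffic); the last one deliberately
# breaks the declared profile to show how a deviation is reported.
SAMPLE = [
    '139.162.254.85 - - [01/Jan/2024:10:00:00 +0000] "GET /security.txt HTTP/1.1" 404 153',
    '139.162.254.85 - - [01/Jan/2024:10:00:21 +0000] "GET /.well-known/security.txt HTTP/1.1" 200 312',
    '139.162.254.85 - - [01/Jan/2024:10:00:47 +0000] "GET /.git/ HTTP/1.1" 403 153',
    '139.162.254.85 - - [01/Jan/2024:10:01:05 +0000] "GET /config.php HTTP/1.1" 404 153',
    '203.0.113.7 - - [01/Jan/2024:10:01:06 +0000] "POST /login HTTP/1.1" 200 512',
    '139.162.254.85 - - [01/Jan/2024:10:01:30 +0000] "POST /config.php HTTP/1.1" 405 0',
]

if __name__ == "__main__":
    counts, deviations = audit(SAMPLE)
    print(dict(counts))
    print(deviations or "traffic matches the declared profile")
```

A non-empty deviation list means the traffic does not fit what this page describes and should be investigated as any other unexplained request would be.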

Outputs
=======
- anonymized statistical data
Scanner address: 139.162.254.85, only IPv4 communication
To exclude your IP address from further scans, please send an email to 433498 [at] mail.muni.cz