davtur19 / DotGit

An extension for checking if .git is exposed in visited websites
GNU General Public License v3.0

Issue with security.txt #16

Closed: rayabee closed this issue 4 weeks ago

rayabee commented 1 month ago

Hi,

Love this project as a whitehat hacker.

I uploaded a security.txt (blank file) on one of my domains to check if I get an alert, but it did not alert me. I then added some text to the file, so it's not 0 KB, but also no alert.

Am I doing something wrong with testing or might this be a bug?

Keep up the good work.

P.S. I read it's possible to get an audio alert, how do I set this up?

Ray

davtur19 commented 1 month ago

I don't think you understand what the extension is for.

The extension is for finding .git/.hg/.svn, not for finding security.txt.

Also, if you have an empty file or one with random data, the check will fail, as it must be a valid file to avoid false positives.

So in summary, you need a valid repository and a valid security.txt file to appear in the extension.

I don't think a whitehat hacker would have any problem reading a few lines of code in JavaScript and modifying it to their liking.

As for notifications, all you need to do is set the notification sound in your browser or OS settings.
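The "must be a valid file" point above is the whole reason an empty or random security.txt never triggers anything. As an added illustration (not DotGit's own code, and the regexes and helper names are assumptions), here is the kind of validity gate an extension applies to a fetched `.git/HEAD` and to a fetched security.txt before it reports either, so that a blank file, random text or an HTML 404 page does not produce a false positive:

```javascript
// Added example, not DotGit's own code. Hypothetical helper names; the
// patterns below are assumptions about what "valid" should mean.

// A real .git/HEAD is either a symbolic ref ("ref: refs/heads/main") or a
// bare 40-hex commit id (SHA-1 repositories). Anything else is rejected.
const GIT_HEAD_RE = /^(ref: refs\/\S+|[0-9a-f]{40})\s*$/;

function isValidGitHead(body) {
  return typeof body === "string" && GIT_HEAD_RE.test(body.trim());
}

// Minimal RFC 9116 check for an unsigned security.txt: every non-comment
// line must be a "Field: value" pair, Contact: and Expires: are mandatory,
// and Expires must be a parseable date that lies in the future.
function isValidSecurityTxt(body, now = new Date()) {
  if (typeof body !== "string" || body.trim() === "") return false;
  const fields = {};
  for (const raw of body.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === "" || line.startsWith("#")) continue;
    const m = /^([A-Za-z-]+):\s*(.+)$/.exec(line);
    if (!m) return false; // free text or HTML: not a security.txt
    const name = m[1].toLowerCase();
    (fields[name] = fields[name] || []).push(m[2]);
  }
  if (!fields.contact || !fields.expires) return false;
  const exp = new Date(fields.expires[0]);
  return !Number.isNaN(exp.getTime()) && exp > now;
}

// Constructed sample responses, standing in for what a fetch of each
// path might return on a real site.
const SAMPLE_HEAD_OK = "ref: refs/heads/main\n";
const SAMPLE_HEAD_HTML = "<!doctype html><title>404 Not Found</title>";
const SAMPLE_SECTXT_OK =
  "# constructed sample\nContact: mailto:security@example.com\n" +
  "Expires: 2099-01-01T00:00:00Z\n";
const SAMPLE_SECTXT_JUNK = "hello world"; // the "some text" from the report
const SAMPLE_SECTXT_EXPIRED =
  "Contact: mailto:security@example.com\nExpires: 2000-01-01T00:00:00Z\n";
```

With these checks, a blank security.txt and a file containing arbitrary text both return false, which matches the behaviour described in the reply.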

rayabee commented 1 month ago

"Check if the site has security.txt" so it doesn't check that. Too bad.

davtur19 commented 1 month ago

It only does this if the site has a vulnerability, otherwise why would it do it?