robots.txt & security.txt Analysis
Phase 2config mgmtWSTG-CONF
Description
Fetches /robots.txt and checks Disallow entries for sensitive paths (admin, api, backup, config, etc.). Also checks for a /.well-known/security.txt vulnerability disclosure file.
Security Impact
Disallowed paths in robots.txt are publicly enumerable — they act as a roadmap for attackers. A missing security.txt leaves researchers no way to responsibly report vulnerabilities.
Automated Detection & AI Remediation
DygDog automatically detects robots.txt & security.txt Analysis using its continuous, passive scanning engine. When discovered, DygDog provides infrastructure-specific, copy-paste ready code snippets generated by frontier AI models to help you remediate the issue instantly without generic advice.
Start Free Scan