Skip to content

Configuration: DNS record TXT sensitive

Identifier: dnsrecord_txt_sensitive

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner

Description

Check TXT record for sensitive information.

DNS records are not encrypted, not protected by any authentication and most of the time shared over plain text.

You should avoid storing sensitive information in DNS records.

Configuration

Example

Example configuration:

---
security_tests:
  dnsrecord_txt_sensitive:
    assets_allowed:
    - DNS
    skip: false

Reference

assets_allowed

Type : List[AssetType]*

List of assets that this check will cover.

skip

Type : boolean

Skip the test if true.