Configuration: DNS record TXT length

Identifier: dnsrecord_txt_length

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

DNS TXT records exceeding 1024 bytes can cause issues with some DNS servers and may be exploited for attacks.

How we test: We query DNS TXT records and analyze their length to detect if records exceed the recommended 1024-byte limit. We check if oversized TXT records could cause DNS server issues or be exploited for malicious purposes.
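
The length check described above, sketched as an added example (not the scanner's own implementation). It assumes "length" means the total data bytes across the record's length-prefixed character-strings (the TXT RDATA layout from RFC 1035); the function names are hypothetical and the sample records are constructed.

```python
# Added example, not the scanner's code. Assumption: "length" is the total
# number of data bytes across all character-strings of one TXT record.
TXT_LIMIT = 1024  # threshold stated on this page


def parse_txt_rdata(rdata: bytes) -> list:
    """Split TXT RDATA into its character-strings (1 length octet + data)."""
    strings, pos = [], 0
    while pos < len(rdata):
        n = rdata[pos]
        chunk = rdata[pos + 1 : pos + 1 + n]
        if len(chunk) != n:
            # Malformed record: the length octet promises more than is present.
            raise ValueError(f"truncated character-string at offset {pos}")
        strings.append(chunk)
        pos += 1 + n
    return strings


def encode_txt_rdata(value: bytes) -> bytes:
    """Build RDATA by splitting a value into character-strings of <= 255 bytes."""
    parts = [value[i : i + 255] for i in range(0, len(value), 255)] or [b""]
    return b"".join(bytes([len(p)]) + p for p in parts)


def check_txt_record(rdata: bytes, limit: int = TXT_LIMIT) -> dict:
    """Report the size of one TXT record and whether it exceeds the limit."""
    strings = parse_txt_rdata(rdata)
    data_len = sum(len(s) for s in strings)
    return {
        "strings": len(strings),
        "data_bytes": data_len,
        "rdata_bytes": len(rdata),  # includes one length octet per string
        "oversized": data_len > limit,
    }


# Constructed sample records (not real DNS data).
SAMPLES = {
    "spf": encode_txt_rdata(b"v=spf1 include:_spf.example.com -all"),
    "at-limit": encode_txt_rdata(b"a" * 1024),
    "oversized": encode_txt_rdata(b"k=" + b"A" * 1400),
}

if __name__ == "__main__":
    for name, rdata in SAMPLES.items():
        print(name, check_txt_record(rdata))
```

A record of exactly 1024 data bytes is not flagged here, since the page describes the finding as records that exceed the limit.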

Configuration

Example

Example configuration:

---
security_tests:
  dnsrecord_txt_length:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.