Configuration: DNS record TXT sensitive¶
Identifier:
dnsrecord_txt_sensitive
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description¶
DNS TXT records containing sensitive information can expose secrets, credentials, or configuration details since DNS records are not encrypted, not protected by authentication, and often shared over plain text.
How we test: We query DNS TXT records and analyze their contents to detect if sensitive information like secrets, credentials, API keys, or configuration details are stored in TXT records. We verify if DNS records follow security best practices and avoid storing sensitive data.
Configuration¶
Example¶
Example configuration:
Reference¶
skip¶
Type : boolean
Skip the test if true.