hacker.txt Generator

Import hacker.txt

Basic Configuration

Allow PentestingSpecify whether security testing is permitted

Testing ScopeComma-separated list of domains in scope

Testing WindowSpecify when testing is allowed

Testing Types

Testing Types ConfigurationConfigure which testing types are allowed or disallowed

Injection

SQLi

NoSQLi

XSS

XXE

SSTI

Command Injection

LDAP Injection

Format String

Authentication & Authorization

Auth Bypass

2FA Bypass

JWT Testing

OAuth Testing

SAML Testing

Session Testing

IDOR

Request Manipulation

CSRF

SSRF

HTTP Request Smuggling

HTTP Response Splitting

HTTP Parameter Pollution

Infrastructure

RCE

Path Traversal

File Inclusion

Information Disclosure

Open Redirect

Race Condition

Explicitly Forbidden

DDoS

Bruteforce

Social Engineering

Physical Security

Phishing

Data Exfiltration

Contact Information

Security ContactEmail address for vulnerability reports

Bug Bounty URLLink to bug bounty program (if any)

Disclosure Policy

Disclosure Timeline (days)Days before public disclosure is allowed

Legal NoticeLegal disclaimer for security testing

Domain-Specific Rules

Domain-Specific RulesDefine different rules for specific domains

Generated hacker.txt

# hacker.txt - Security Testing Guidelines
# https://hackertxt.com
#
# This file defines the security testing boundaries for this website.
# It specifies what types of security testing are allowed, when they can be performed,
# and how to responsibly disclose any findings.
#
# Schema: https://hackertxt.com/schema.json
#
# Generated at 2025-03-16T12:00:14.877Z

Allow-Pentesting: yes
Testing-Window: anytime
Responsible-Disclosure: 7

Legal-Notice: Unauthorized hacking is illegal. Follow testing rules.