Free Tool
Security.txt Generator
Generate an RFC 9116 security.txt file so researchers know exactly how to report vulnerabilities responsibly.
Already have one? Check it here
Configure your Security.txt
How to Use Security.txt
1
Add contact details
List an email or URL where security researchers can reach you.
2
Download or copy
Copy the generated content or download it as security.txt.
3
Upload to your server
Place the file at yourdomain.com/.well-known/security.txt
4
Verify with the checker
Use our Security.txt Checker to confirm the file is accessible and correctly formatted.
Where to place security.txt
RFC 9116 requires the file at /.well-known/security.txt. You may also redirect /security.txt to that location.