If you're reading this, chances are you've seen a client with the user agent set as SecBot visiting your site while looking through your server logs. This either means, that someone from your organisation configured SecBot to perform security tests against your site or that someone is spoofing the user agent to look like SecBot.

The SecBot user agent looks like this:

Mozilla/5.0 (compatible; SecBot/1.0 +

The SecBot security testing bot checks in front of each test run that the host is still verified by accessing a file called SecBot_Verification_*.txt and asserting its content.

If you think that someone is spoofing the user agent of SecBot please contact us.