Well-Known.dev A Unique new OSINT tool - Website Research
https://well-known.dev/
How to Use the Well-Known OSINT Tool
What It Does
The Well-Known OSINT tool helps you discover information about a website by scanning its .well-known resources. These resources contain structured metadata that websites use to share important information about security policies, ad authorization, app associations, and more.
How to Use It
1. Submit a Site for Scanning
• Enter the URL of the site you want to investigate.
• If the site has already been scanned, you can view the existing results.
• If not, the tool will analyze its .well-known directory.
2. Review the Results
The scan will return details about the following .well-known resources (if available):
• Ads Authorization
• /ads.txt – Lists authorized ad sellers.
• /app-ads.txt – Similar but for mobile apps.
• App & Site Associations
• /apple-app-site-association – Defines relationships with Apple apps.
• /assetlinks.json – Defines relationships with Android apps and websites.
• Privacy & Security
• /gpc.json – Indicates if the site respects Global Privacy Control.
• /security.txt – Provides security policies and contact info.
• /robots.txt – Specifies crawling rules for web crawlers.
• Authentication & Federation
• /openid-configuration – Contains OpenID Connect provider metadata.
• Distributed Networks & Trust
• /nodeinfo – Provides metadata about decentralized social networks.
• /trust.txt – Declares relationships with other publishers.
Use of the Information
The data obtained from .well-known resources can be applied in various investigative contexts:
• Fraud Detection → Identifies unauthorized ad sellers or fake app associations.
• Privacy & Compliance Audits → Verifies if a website respects privacy standards like GDPR and CCPA.
• Cybersecurity Research → Finds security contacts, policies, and crawling restrictions.
• Threat Intelligence → Maps out connections between sites, apps, and authentication providers.
• Brand & Reputation Analysis → Confirms legitimate affiliations and detects impersonation risks.
This information helps researchers, security professionals, and analysts assess a website’s transparency, security posture, and digital trustworthiness.
That’s it!
don't use auto-edit, worse then autocorrect
sorry guys - https://well-known.dev/