795b9c23fe
- Rewrote CONTRIBUTING.md in casual, direct style - Rewrote SECURITY.md to be less formal - Fixed GitHub URLs in CHANGELOG.md - Removed formal issue/PR templates - Removed codecov.yml configuration file All docs now sound human, not AI-generated.
31 lines
763 B
Markdown
31 lines
763 B
Markdown
# Security
|
|
|
|
## What's supported
|
|
|
|
Version 0.1.x gets security updates. That's it for now.
|
|
|
|
## Use this responsibly
|
|
|
|
Ghost is for:
|
|
- Testing your own systems
|
|
- Defensive security work
|
|
- CTF competitions
|
|
- Security research and learning
|
|
|
|
Don't use it on systems you don't own or don't have permission to test.
|
|
|
|
## Found a vulnerability?
|
|
|
|
Don't open a public issue. Create a private security advisory on GitHub instead.
|
|
|
|
I'll respond within 48 hours. Critical stuff gets fixed in a week, other issues within a month.
|
|
|
|
## Stuff to know
|
|
|
|
- Advanced malware can evade this
|
|
- Kernel rootkits are invisible to userspace tools
|
|
- Each platform has its own limitations
|
|
- Running this on production systems has overhead
|
|
|
|
Keep Ghost updated and test only where you're allowed.
|