# Security Policy

## Supported Versions

| Version | Supported          |
| ------- | ------------------ |
| 0.1.x   | :white_check_mark: |

## Authorized Use

Ghost is designed for:

- Authorized security testing
- Defensive security operations
- CTF challenges
- Security research and education

## Reporting Vulnerabilities

**Do NOT** open public issues for security vulnerabilities.

Contact: Create a private security advisory on GitHub

### Response Timeline

- Acknowledgment: 48 hours
- Initial assessment: 1 week
- Critical fixes: 7 days
- High priority: 30 days

## Security Best Practices

- Test only in authorized environments
- Run with minimum privileges
- Keep Ghost updated
- Sanitize logs before sharing
- Follow responsible disclosure

## Known Limitations

- Advanced malware may evade detection
- Kernel rootkits not detectable
- Platform-specific limitations
- Performance overhead on production systems

Thank you for helping keep Ghost secure!