Honeyscanner follows Semantic Versioning for its releases. Please ensure you are using a supported version as listed in our releases page.
If you discover a security vulnerability within Honeyscanner, please follow these steps to report it:
-
Do Not Publicly Disclose: Please do not disclose the vulnerability publicly until a fix has been implemented and released.
-
Contact Information: You can report the vulnerability by contacting the maintainers directly at [email protected]. Please include the following details:
- A clear description of the vulnerability.
- Steps to reproduce the issue.
- Any potential impacts or exploits.
-
Acknowledgments: Vulnerability reporters will be acknowledged in the project's
SECURITY.mdfile unless requested otherwise.
To ensure the security of your Honeypot and Honeyscanner setup, please consider the following best practices:
-
Run in Isolated Environment: Always run Honeyscanner in a secure and isolated environment, preferably within a virtual machine or container.
-
Access Controls: Limit access to your honeypot and Honeyscanner application to authorized users only.
-
Regular Updates: Keep Honeyscanner and all dependencies up to date. Monitor the project's GitHub page for updates.
-
Monitor Activity: Regularly monitor logs and activity for any unauthorized access attempts.
-
Use Secure Credentials: Always use strong, unique passwords and consider using environment variables for sensitive information.
This project is licensed under the MIT License.
Honeyscanner is intended for use on honeypots you own or have explicit permission to test. Use of Honeyscanner on unauthorized systems may be illegal and is not condoned by the maintainers.
For any other security-related inquiries, feel free to reach out via the contact information provided above.