Skip to content

Security: whiwoon/illdan

Security

SECURITY.md

Security Policy

Authorized-use scope

illdan is intended for defensive service discovery in networks and systems where you have explicit authorization to scan.

Do not use illdan against systems you do not own or have permission to assess. Before running a scan, review and constrain the target set with --scope, --max-targets, --rate, --concurrency, and --timeout.

What illdan does not do

illdan does not perform vulnerability checks, exploit verification, credential attacks, payload delivery, or destructive actions. The MVP uses TCP connect attempts for service discovery and writes local result artifacts.

When --handoff nmap or --handoff generic is enabled, illdan writes reviewable command files only. It does not install, bundle, or execute external scanners.

Reporting security issues

If you find a security issue in illdan itself, please report it privately before publishing details. Include:

  • affected version or commit
  • operating system
  • command line and flags used
  • expected behavior
  • observed behavior
  • whether any external systems were scanned
  • minimal reproduction steps using loopback or a controlled lab target when possible

Until a public repository contact channel is configured, use the repository owner's preferred private contact path.

Safe reproduction guidance

When reproducing issues:

  • prefer 127.0.0.1 or a lab network you control
  • avoid broad public IP ranges
  • do not include sensitive scan results in public issues
  • redact internal hostnames, IPs, and service banners unless they are intentionally public test data

Supported versions

illdan is currently an early-stage v0.1.0 project. Security fixes are applied to the main development branch and to the latest tagged release when practical.

There aren't any published security advisories