We provide security updates for the following versions of RedTeam Terminal:
| Version | Supported |
|---|---|
| 2.1.x | ✅ Latest version |
| 2.0.x | ✅ Security fixes only |
| < 2.0 | ❌ Not supported |
We take the security of RedTeam Terminal seriously. If you believe you have found a security vulnerability in our software, please follow these steps:
- Ensure you are using the latest version of RedTeam Terminal
- Check our issues to see if the vulnerability has already been reported
- Do not report security vulnerabilities through public GitHub issues
To report a security vulnerability, please contact our security team directly:
- Email: security@redteam-terminal.com
- PGP Key: Available upon request for encrypted communication
- Response Time: We will acknowledge your report within 48 hours
When reporting a vulnerability, please include the following information:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Your name/handle for acknowledgments (optional)
- Affected version(s) of RedTeam Terminal
- Initial response within 48 hours
- Updates on the status of your report every 7 days
- Estimated timeline for fix and release
- Credit in our release notes (if you wish to be credited)
This security policy applies to:
- The RedTeam Terminal application and its components
- Official distribution packages
- Documentation and examples
This policy does NOT cover:
- Third-party tools that RedTeam Terminal integrates with
- Custom modifications to the software
- Misconfigurations by users
When using RedTeam Terminal, we recommend:
- Keep the application updated to the latest version
- Only run on systems you own or have explicit permission to test
- Regularly review access controls and system security
- Keep dependencies updated
- Use in isolated environments when possible
We follow a coordinated disclosure approach:
- We will work with you to understand and confirm the vulnerability
- We will develop and test a fix
- We will release the fix and notify users
- We will credit you for the discovery (if you wish to be credited)
Currently, we do not have a formal bug bounty program. However, we appreciate responsible disclosure and will acknowledge your contribution in our release notes.
If you have questions about this security policy, please contact us at security@redteam-terminal.com