We currently support the following versions of ScayOSINT with security updates:
| Version | Supported |
|---|---|
| 3.0.x | ✅ |
| < 3.0 | ❌ |
We take the security of ScayOSINT seriously. If you believe you have found a security vulnerability, please follow these steps:
- Do Not disclose the vulnerability publicly
- Do Not open a public GitHub issue
- Email your findings to scayar.exe@gmail.com with:
- Subject: "Security Vulnerability Report - ScayOSINT"
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (if available)
- You will receive an acknowledgment within 48 hours
- We will investigate and keep you updated on our progress
- Once fixed, we will:
- Credit you in the security advisory (if desired)
- Add you to our Security Hall of Fame
- Release a patch as soon as possible
When using ScayOSINT:
- Always use the latest version
- Keep your API keys secure
- Use environment variables for sensitive data
- Enable encryption for saved results
- Use a proxy when necessary
We would like to thank the following security researchers for their contributions:
- [Your name will be added here]
This security policy will be updated as needed. Last updated: [Current Date]