We actively support the following versions of SSHCracker:
| Version | Supported |
|---|---|
| 2.0.x | β Yes |
| 1.x | β No |
Please do not report security vulnerabilities through public GitHub issues.
If you discover a security vulnerability, please report it to us privately:
-
Telegram: Contact us through our communities:
- @MatrixORG (English)
- @MatrixFa (Persian)
-
Private Message: Send a direct message to the maintainers on Telegram
Please include as much information as possible:
- Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
- Full paths of source file(s) related to the issue
- Location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue, including how an attacker might exploit it
- Initial Response: Within 48 hours
- Detailed Analysis: Within 7 days
- Fix Development: Depending on complexity
- Public Disclosure: After fix is deployed
- Always use the latest version
- Run SSHCracker only on systems you own or have permission to test
- Use appropriate network isolation for testing
- Monitor resource usage during operations
- Follow secure coding practices
- Validate all inputs
- Use parameterized queries where applicable
- Implement proper error handling
- Regular security audits of dependencies
SSHCracker includes several security features:
- Honeypot detection to avoid legal issues
- Rate limiting capabilities
- Timeout controls to prevent hanging connections
- Input validation for all parameters
- This tool is designed for authorized penetration testing only
- Users are responsible for compliance with local laws
- Always obtain proper authorization before testing
- Use responsibly and ethically
Important: This tool is intended for authorized security testing only.
- β Authorized Use: Own systems, contracted penetration testing, educational purposes
- β Unauthorized Use: Systems you don't own without permission, illegal activities
Users are fully responsible for compliance with all applicable laws and regulations.
We recognize security researchers who responsibly disclose vulnerabilities:
No vulnerabilities reported yet
Thank you for helping keep SSHCracker secure! π