From c1c94e624e1555b18c2e30387c7a61d8771de3af Mon Sep 17 00:00:00 2001 From: pdmarf <135653545+pdmarf@users.noreply.github.com> Date: Fri, 17 Apr 2026 23:10:25 +0100 Subject: [PATCH] Add whitelist and version check instructions to README --- README.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/README.md b/README.md index 803df8e..fa9d888 100644 --- a/README.md +++ b/README.md @@ -55,6 +55,33 @@ After cloning, run `setup.sh` once. It will: - Send a test Telegram message confirming the VM is active - Create a `logs/` folder — logs are kept for 60 days then auto-deleted +## Whitelisting Known-Safe Findings + +If a script flags something you know is safe, add it to `whitelist.conf` on that VM to suppress it in future scans. This file is VM-specific and never committed to git. + +Add a package name: +```bash +echo "ua-parser-js" >> ~/security-tools/whitelist.conf +``` + +Add a file path: +```bash +echo "/tmp/my-known-script.sh" >> ~/security-tools/whitelist.conf +``` + +View or edit the whitelist: +```bash +nano ~/security-tools/whitelist.conf +``` + +## Checking Script Versions + +To see which version of a script is running on a VM: +```bash +head -2 ~/security-tools/npm-security-check.sh +head -2 ~/security-tools/check-nextjs-rce.sh +``` + ## Updating an Existing VM When changes are pushed to this repo, update any VM by running:
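Review bot: In the new "Whitelisting Known-Safe Findings" section, both examples create suppressions that are broader than the finding they are meant to silence, and the text does not say so. `echo "ua-parser-js" >> ~/security-tools/whitelist.conf` whitelists a bare package name with no version, so as written a later release of that package that should be flagged would be suppressed too; the README should state whether an entry can be scoped to a version and whether matching is exact or substring. The path example uses `/tmp/my-known-script.sh`, a location in a world-writable directory, so the suppression would apply to whatever file ends up at that path; an example path under the user's home directory would be a safer thing to copy. It would also help to document the file format (one entry per line, whether comments are allowed) so each entry can carry a reason and date, and to note that because the file is VM-specific and never committed, suppressions are not reviewed or tracked anywhere and need periodic manual review. In "Checking Script Versions", `head -2` only works if every script keeps its version string in the first two lines; say that in the README or in a comment in the scripts so the convention is not broken by a later edit.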