pdm/security-tools
Public Access
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add whitelist and version check instructions to README

Browse Source
This commit is contained in:
pdmarf
2026-04-17 23:10:25 +01:00
parent fddef543fd
commit c1c94e624e
1 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
README.md
View File

@@ -55,6 +55,33 @@ After cloning, run `setup.sh` once. It will:
- Send a test Telegram message confirming the VM is active - Send a test Telegram message confirming the VM is active
- Create a `logs/` folder — logs are kept for 60 days then auto-deleted - Create a `logs/` folder — logs are kept for 60 days then auto-deleted
## Whitelisting Known-Safe Findings
If a script flags something you know is safe, add it to `whitelist.conf` on that VM to suppress it in future scans. This file is VM-specific and never committed to git.
Add a package name:
```bash
echo "ua-parser-js" >> ~/security-tools/whitelist.conf
```
Add a file path:
```bash
echo "/tmp/my-known-script.sh" >> ~/security-tools/whitelist.conf
```
View or edit the whitelist:
```bash
nano ~/security-tools/whitelist.conf
```
## Checking Script Versions
To see which version of a script is running on a VM:
```bash
head -2 ~/security-tools/npm-security-check.sh
head -2 ~/security-tools/check-nextjs-rce.sh
```
## Updating an Existing VM ## Updating an Existing VM
When changes are pushed to this repo, update any VM by running: When changes are pushed to this repo, update any VM by running: