We provide security updates only for the latest published version of this project.
| Version | Supported | Notes |
|---|---|---|
| Latest (v2+) | ✅ Yes | Actively maintained, receives fixes and updates |
| Older versions | ❌ No | Please upgrade to the latest release |
If you discover a security issue or suspicious behavior in this project, please DO NOT open a public GitHub issue.
Instead, contact us privately:
- Email: ogttamimi@gmail.com
We appreciate responsible disclosure and will respond as fast as possible.
When you report a vulnerability, please include:
- A clear description of the issue
- Steps to reproduce
- Expected vs. actual behavior
- Screenshots or logs (if available)
- Suggested fix (optional)
Timeline:
- Acknowledgment: within 48 hours
- Initial assessment: 3–7 days
- Fix or mitigation: depending on complexity
- Public disclosure: coordinated with the reporter
To keep your deployment secure, we recommend:
- Always run the latest image version
- Avoid exposing n8n directly to the internet
- Use reverse proxies (NGINX/Traefik) with SSL
- Change default environment variables immediately
- Use strong webhook secrets and credentials
- Restrict container permissions whenever possible
- Update system packages regularly
Our Kali-n8n image includes:
- Minimal required capabilities
- Latest Linux security patches
- Isolated environment for command execution
- Support for additional tools installed by the user
- Non-root execution where possible
- Optional root mode for full Kali workflows
If you notice unsafe defaults or want to suggest improvements, contact us privately.
This project is intended only for legal penetration testing, automation, and research purposes.
You must comply with all applicable laws and obtain authorization before running any security tools.
We do NOT condone or support illegal activities.
We appreciate all contributions that help keep this project secure.
Your feedback helps us improve and maintain a safe ecosystem for everyone.