| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.0 | ❌ |
We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.
- Do NOT open a public GitHub issue for security vulnerabilities
- Use GitHub's private vulnerability reporting (preferred)
- Or email the maintainer directly
- Include as much information as possible:
- Type of vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Initial Response: Within 48 hours
- Status Update: Within 7 days
- Resolution Timeline: Depends on severity
- Critical: 24-48 hours
- High: 7 days
- Medium: 30 days
- Low: 90 days
This project is a MITM proxy that intercepts HTTPS traffic. Please be aware:
- Certificate Trust: The CA certificate should only be installed on devices you control
- Network Security: Run the proxy only on trusted networks
- Data Privacy: The proxy can see all traffic - don't use it on shared/public computers
- Certificate Storage: Keep
.revamp-certs/secure and don't commit to version control
When using Revamp:
- Only install the CA certificate on your own devices
- Use strong network security (WPA3/WPA2)
- Don't expose proxy ports to the internet
- Regularly update dependencies
- Review blocked domains list for your needs
We appreciate responsible disclosure and will acknowledge security researchers who help improve the project's security.