SECURITY

Only against what you own.

Riposte drives real offensive tooling against real systems. That power comes with one hard rule and a set of controls built to enforce it. This page covers both: how to use it responsibly, and how to tell us if you find a hole in Riposte itself.

AUTHORIZED USE ONLY

Riposte drives real attack tooling.

THE RULE

Run Riposte only against systems you own or are explicitly authorized to test. Pointing offensive tooling at infrastructure you do not have written permission to assess is very likely illegal, and it is on you. When in doubt, you do not have authorization.

The controls below are built to keep an authorized engagement inside its lines. They are not a substitute for that authorization, and they cannot make an out-of-scope target legal to touch. They exist so that when you are cleared to test something, it stays hard to stray past the edge of what you were cleared for.

HOW RIPOSTE STAYS IN BOUNDS

Three controls, on by default.

01

Deny-by-default scope.

Nothing is in bounds until you put it there. You declare the exact targets, and anything outside that scope is never touched, not enumerated and not probed.

02

Approval on every consequential move.

The operator does the tedious work but not the deciding. Any move that could change or reach a system stops and waits for your explicit go-ahead. It never escalates on its own.

03

A hash-chained audit log.

Every action is written to a tamper-evident log where each entry is chained to the one before it. Break the chain and it shows, so there is always an honest record of what ran.

Each control fails closed. If scope is unset, nothing runs. If an approval is not given, the move does not happen. If the log cannot be written, the operator stops rather than act without a record.
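An added illustration, not Riposte's own code, of how the three controls compose: a deny-by-default scope check, a gate that refuses to act unless a record was written first, and a SHA-256 hash-chained log with a verifier that reports where the chain breaks. All names (`AuditLog`, `run_action`) and the sample targets are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed sentinel: the "previous hash" of the first entry


class AuditLog:
    """Append-only log where every entry commits to the hash of the one before it."""

    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(prev_hash, action):
        # Canonical JSON (sorted keys) so the same action always hashes the same way.
        payload = json.dumps({"prev": prev_hash, "action": action}, sort_keys=True)
        return hashlib.sha256(payload.encode()).hexdigest()

    def append(self, action):
        prev_hash = self.entries[-1]["hash"] if self.entries else GENESIS
        entry = {"prev": prev_hash, "action": action,
                 "hash": self._digest(prev_hash, action)}
        self.entries.append(entry)
        return entry["hash"]

    def verify(self):
        """Return the index of the first broken link, or -1 if the chain is intact."""
        prev_hash = GENESIS
        for i, entry in enumerate(self.entries):
            if entry["prev"] != prev_hash:
                return i  # an earlier entry was edited and re-hashed, or one was dropped
            if entry["hash"] != self._digest(prev_hash, entry["action"]):
                return i  # this entry's content no longer matches its own hash
            prev_hash = entry["hash"]
        return -1


def run_action(log, scope, target, action):
    """Fail closed: no scope or out-of-scope target -> refuse; log write fails -> refuse."""
    if not scope or target not in scope:
        return False  # deny-by-default: nothing is in bounds until declared
    try:
        log.append({"target": target, "action": action})  # record first, act second
    except Exception:
        return False  # no record, no action
    return True
```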

REPORT A VULNERABILITY

Found a hole in Riposte? Tell us.

Riposte is a security tool, so a flaw in it is a flaw that matters. If you find a vulnerability in Riposte itself, please report it to us privately through a GitHub security advisory before disclosing it anywhere else. That keeps the report between us until there is a fix.

  • Report privately first, not in a public issue or pull request.
  • Pre-alpha means there is no formal SLA yet, but every report is read and taken seriously.
  • There is no bug-bounty program yet. Reports are welcomed on their own merit.
  • Tell us what you found, how to reproduce it, and the impact you see.

pre-alpha · authorized use only · no telemetry · runs offline