Philosophy
I believe in coordinated disclosure that protects users and promotes safer software. If you discover a vulnerability, follow the steps to report safely.
Out of Scope
- Denial‑of‑service attacks or activities that degrade service.
- Spam or social engineering against non‑public channels.
- Findings without sufficient detail to reproduce.
How to Report
- Email a detailed report to sefat371@yahoo.com.
- Include reproduction steps, affected scope, and impact.
- Provide a minimal PoC; keep testing lawful.
- Only test systems you own or have permission to test.
Expectations
- Acknowledgement typically within 72 hours.
- Coordination on remediation and timelines.
- Public credit if desired.