Security Policy

Responsible Disclosure

We take the security of our systems seriously. If you believe you've found a security vulnerability, please report it to us responsibly.

Reporting Process

Email your findings to me@mythic3011.com
Provide detailed information about the vulnerability
Include steps to reproduce the issue

Do's and Don'ts

Do:

Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our services
Report the vulnerability promptly
Keep information about any vulnerabilities confidential until they are fixed

Don't:

Access or modify other users' data
Execute or attempt Denial of Service (DoS) attacks
Spam or social engineer users

Safe Harbor

When conducting vulnerability research according to this policy, we consider this research conducted under this policy to be:

Authorized in accordance with the Computer Fraud and Abuse Act (CFAA)
Exempt from DMCA restrictions
Exempt from restrictions in our Terms of Service
Eligible for our bug bounty program rewards

Response Process

After you submit a vulnerability report, you can expect:

Confirmation of receipt within 24 hours
Initial assessment and response within 72 hours
Regular updates on the progress of the fix
Public acknowledgment of your responsible disclosure (if desired)

Out of Scope

The following issues are considered out of scope:

Missing security headers that don't lead to actual vulnerabilities
SSL/TLS scan reports without proof of exploitability
Spam or social engineering techniques
Denial of Service attacks

JavaScript Required

This website requires JavaScript to function properly. Please enable it to continue.

Learn how to enable JavaScript