$ cat /etc/legal/ethics.md

ethics_statement.md

Professional Ethics

As a Software Architect exploring cyber security and aspiring ethical hacker, I am committed to the highest standards of professional conduct. My security research and learning is guided by the following principles:

1. Authorization First

I never test systems without explicit written permission from the system owner. All security assessments are conducted only after receiving proper authorization.

2. Do No Harm

I minimize impact during testing and take precautions to avoid disrupting services or causing data loss. All findings are reported responsibly.

3. Confidentiality

Client data and findings are protected with strict confidentiality. I never disclose vulnerabilities or sensitive information without permission.

4. Legal Compliance

All activities are conducted within applicable laws and regulations. I stay informed about legal requirements in relevant jurisdictions.

5. Responsible Disclosure

When vulnerabilities are discovered, I follow responsible disclosure practices, giving organizations time to remediate before any public disclosure.

Lab Environment Statement

All security testing demonstrations, labs, and writeups on this website are performed on:

  • Personal lab environments - Isolated systems for testing
  • OWASP Juice Shop - Intentionally vulnerable application
  • Authorized CTF platforms - Capture The Flag competitions
  • Training environments - HackTheBox, TryHackMe, etc.

Disclaimer

The techniques, tools, and knowledge described on this website are for educational purposes only. Using these techniques without explicit authorization from system owners is illegal and unethical.

I am not responsible for any misuse of the information provided on this website. Always obtain proper authorization before conducting any security testing.

Security Disclosure Policy

If you've discovered a vulnerability in any of my projects or this website, please follow responsible disclosure practices:

  1. Contact me at tharindums59@gmail.com
  2. Provide detailed information about the vulnerability
  3. Allow reasonable time for remediation before any public disclosure
  4. Do not exploit the vulnerability beyond what's necessary to demonstrate it

I appreciate responsible security researchers and will acknowledge contributors who help improve security (with permission).

$ cd ~/home