Responsible Disclosure Policy

I do not operate a bug bounty program on this website, or the server/infrastructure where this website is hosted. You are therefore not invited to scan, probe, or actively hunt for vulnerabilities.

However, if you stumble across a vulnerability, I encourage responsible disclosure. If you identify a vulnerability, please do not attempt to exploit it any further.

Please contact me to disclose a vulnerability. I encourage you to encrypt your message with my GPG key, which can be found here.

If I consider the vulnerability you have found to be valid, I will ask you whether you want to be credited for the find, and potentially create an article on this blog detailing your discovery.

Thank you for your co-operation.