Security Policy

Scope

The following are in scope for vulnerability reports:

• farksecurity.com and any subdomains
• Any service or application operated by farksecurity.com

The following are out of scope:

• Third-party services or infrastructure not under our control
• Social engineering or phishing attacks against us or our users
• Denial-of-service attacks
• Automated scanning without prior coordination

How to Report

Send a detailed report to: admin@farksecurity.com

Please include:

• A clear description of the vulnerability
• Steps to reproduce (proof-of-concept, screenshots, or a video if applicable)
• Potential impact and affected components
• Any suggested remediation

What to Expect

• Acknowledgement — We will confirm receipt of your report within 3 business days.
• Triage — We aim to assess severity and begin remediation within 10 business days.
• Updates — We will keep you informed of progress and notify you when the issue is resolved.
• Credit — With your permission, we will acknowledge your contribution once the vulnerability is fixed.

Good Faith

We ask that you:

• Avoid accessing, modifying, or deleting data that does not belong to you
• Limit testing to what is necessary to confirm the vulnerability
• Not disclose the vulnerability publicly until we have had a reasonable opportunity to remediate it

In return, we will not pursue legal action against researchers who discover and report vulnerabilities in good faith in accordance with this policy.