By partaking in activities on the HackenProof platform, all whitehat hackers pledge to adhere to the HackenProof Code of Conduct (CoC).
This CoC is supplementary to the Terms and Conditions that all hackers must consent to when setting up an account. This Code provides the principles of engagement on the platform and outlines the potential disciplinary measures for any breaches.
Interactions on the platform should always maintain a standard of professionalism and respect. Please avoid:
Inundating report threads or sending unnecessary support requests
Leaving derogatory comments
Acting unprofessionally at Live Hacking Events or other real-life instances where you represent HackenProof
Threatening disclosure, especially related to private programs
Such conduct hampers the efficiency of the process and does not benefit you as the hacker or the program.
Disruptive Testing and Service Deterioration
Hackers must not engage in testing practices that could endanger the platform or services without prior permission. This includes excessive exploitation of vulnerabilities, unauthorized access or usage of accounts or production details not sanctioned per the program's policy, modifying production or database data, causing a Denial of Service, or in any way negatively impacting customer systems.
Exposure of Private Programs Without Permission
Revealing any aspect of a private program on the HackenProof platform is prohibited. This includes disclosing program name, scope, vulnerability details, bounty structure, account details, or any other information that could identify the program. Such exposure may lead to disciplinary actions.
Unstructured Vulnerability Disclosure - Public Programs
For public programs, hackers should adhere to responsible disclosure guidelines. This involves awaiting the development and release of a patch before publicly disclosing vulnerabilities.
Unofficial Communication With the Program Team
Hackers should only use the authorized communication channels to discuss vulnerabilities submitted to HackenProof. Contacting security teams outside the official channels about submitted reports is a breach of this CoC. HackenProof is the official communication channel unless otherwise stated in the program policy.
Reputation Manipulation and Duplicate Account Misuse
Multiple accounts are not permitted to evade penalties or to gain an unfair advantage on the platform. Similarly, activities that unfairly boost reputation are prohibited. This includes sharing account access, submitting other hackers' work, and improper requests for changes in closure status to maintain reputation.
Misappropriation of Intellectual Property
The unauthorized use of another's intellectual property, including the work of other hackers, is strictly forbidden.
Attempting to manipulate another party through pretense of a HackenProof employee, another hacker, a program member, or a security team without authorization is prohibited.
Coercion and Threats
Any attempt to extract bounties, money, or services through coercion or threats is prohibited. Cases of extortion or blackmail may be escalated depending on their severity and may be considered criminal offenses.
Adherence to this Code of Conduct ensures a secure, ethical, and productive community for all. Let's work together to maintain these standards.