If you believe you found a security issue affecting OsintNET, please do not disclose it publicly before we have reviewed it.
Send a clear report with:
- Affected URL or feature.
- Steps to reproduce.
- Impact.
- Screenshots or logs if useful.
- Your contact information.
Contact: security@osintnet.com
In scope:
- OsintNET web application security issues.
- Authentication/session issues.
- Unauthorized data exposure.
- Report export or upload handling problems.
- Passive scanner safety issues.
Out of scope:
- Denial-of-service testing.
- Brute-force login attempts.
- Social engineering.
- Physical attacks.
- Automated aggressive scanning.
- Issues affecting third-party providers outside OsintNET control.
Do not:
- Attack other users.
- Access, modify or delete data that is not yours.
- Run high-volume automated traffic.
- Attempt to bypass payment, account or rate limits.
- Upload illegal, private or sensitive material without authorization.
We appreciate responsible reports that help make OsintNET safer.