Skip to content

Security: OsintNET/osintnet-public

Security

SECURITY.md

Security Policy

Reporting Security Issues

If you believe you found a security issue affecting OsintNET, please do not disclose it publicly before we have reviewed it.

Send a clear report with:

  • Affected URL or feature.
  • Steps to reproduce.
  • Impact.
  • Screenshots or logs if useful.
  • Your contact information.

Contact: security@osintnet.com

Scope

In scope:

  • OsintNET web application security issues.
  • Authentication/session issues.
  • Unauthorized data exposure.
  • Report export or upload handling problems.
  • Passive scanner safety issues.

Out of scope:

  • Denial-of-service testing.
  • Brute-force login attempts.
  • Social engineering.
  • Physical attacks.
  • Automated aggressive scanning.
  • Issues affecting third-party providers outside OsintNET control.

Safe Testing Rules

Do not:

  • Attack other users.
  • Access, modify or delete data that is not yours.
  • Run high-volume automated traffic.
  • Attempt to bypass payment, account or rate limits.
  • Upload illegal, private or sensitive material without authorization.

We appreciate responsible reports that help make OsintNET safer.

There aren't any published security advisories