Security Disclosure Policy

If you have discovered a security issue on this site or in any of my published projects, please report it responsibly.

Contact

Email: security@0xb105.com (replace with your actual contact)

PGP fingerprint and key will be published here once available.

Response Timeline

  • Acknowledgment within 72 hours.
  • Initial assessment within 7 days.
  • Public disclosure coordinated with the reporter, typically 90 days after a fix is available.

Scope

  • This website and any associated infrastructure.
  • Open-source projects published under my name.
  • Research artifacts where explicitly labeled as in-scope.

Out of Scope

  • Social engineering, phishing, or physical attacks.
  • Denial-of-service testing against production infrastructure.
  • Reports for third-party services without a clear link to my projects.