Veröffentlicht am 2025-04-11 von Ben Kaps
Since the beginning of this month, three security testers (âpentestersâ) have reached out to me regarding potential issues with my website. Apparently, the first one (Gaurang Maheta) found me by crawling for vulnerabilities and then posted about it on LinkedIn, where they piqued two other pentester's interest.
Incase more of these âwhite hood hackersâ stumble upon my website, I want to make the following clear: No one will get in trouble for testing my website, as long as it is in good faith. That means, it's fine as long as no one disrupts the operations of my website and server and no data is leaked publicly. Any insightful reports given to me will be appreciated and honoured in the Hall of Fame.
However, I wan't y'all to really consider if the issue you're emailing me about is actually a security concern or mostly a technicality. Yes, from now on, I will now longer acknowledge reports in my hall of fame, if they simply encourage me to use best practices instead of informing me about compromised security.
Thanks to all the people investing their time into helping to make my website a better place! đ
