Introduction
At Nomonai.com, we prioritize the security of our users. We appreciate the security community's efforts in making the internet a safer place, and we encourage responsible disclosure of any potential vulnerabilities.
Scope
In-Scope:
All subdomains and services hosted under *.nomonai.com.
Out-of-Scope:
Third-party applications and services linked from Nomonai.com.
Reporting
Please report vulnerabilities to [email protected].
- Report Format:
- Description of the vulnerability.
- Steps to reproduce.
- Potential impact.
- Any other relevant information.
Rules of Engagement
You are required to get written consent from Nomon prior to any and all security testing. Those who do not are not protected by these terms. Email [email protected] for approval.
Do not exploit the vulnerability beyond the necessary steps for validation.
Do not access or leak user data.
Do not perform disruptive tests, such as DDoS attacks.
Provide us a reasonable amount of time to address the vulnerability before public disclosure.
Response
We commit to acknowledging reports within 72 hours.
We will provide periodic updates on the status of the reported vulnerability.
We aim to resolve vulnerabilities in a timely manner, depending on their severity and complexity.
We appreciate your partnership in this effort.
Rewards
While we currently are unable to offer monetary rewards, we greatly value and acknowledge your contributions and will publicly recongizing your work and research our site.
Legal Considerations
Researchers acting in good faith and adhering to this policy will not face legal repercussions for their discoveries.
Contact
For any questions related to this VDP, please contact [email protected].
We appreciate your efforts and responsible approach. Together, we can ensure the safety and security of Nomonai.com and its users.
Last Updated: 2023