If you discover a security vulnerability in ProbeAgent itself, please report it responsibly. Do not open a public GitHub issue.
Email: sumamovva@gmail.com
Include:
- Description of the vulnerability
- Steps to reproduce
- Affected version(s)
- Any potential impact
| Step | Timeframe |
|---|---|
| Acknowledgment | 48 hours |
| Assessment | 7 days |
| Fix / Mitigation | 30 days |
We will coordinate disclosure with you and credit reporters (unless you prefer anonymity).
This policy covers vulnerabilities in the ProbeAgent tool itself — the CLI, attack engine, scoring, and reporting components.
It does not cover:
- Vulnerabilities found in targets you scan (report those to the target's owner)
- Expected behavior of attack modules (they are designed to test security)
ProbeAgent is an offensive security testing tool. Use it only against systems you own or have explicit written authorization to test. See the README for full responsible use guidelines.