"The strongest case for information disclosure is when the benefit of releasing the information outweighs the possible risks. In this case, like many others, the bad guys already won. Exploits are already being used in the wild and the fact that the rest of the world is just now taking notice doesn't mean that these are new vulnerabilities. At this point, the best strategy is to raise awareness, distribute the relevant information, and apply pressure on the vendor to release a patch." - H D Moore
Hacking Expose! is an underground project aimed to put internet security issue under the spotlight. The information found here are simply a security alarm for internet users, administrators and those who forget to pass their scripts through a security check.
We will not expose problems that pose a high exploitation risk on the website in cause.
We will not save or distribute private data belonging to the affected websites or of their customers.
In most of the cases we will contact the website administrator about their website’s vulnerability.
We will do a full disclosure if the vulnerability isn’t patched in useful time or if it’s been patched after the admin is contacted. We reserve the right not to contact the webmaster before the vulnerability is posted in some cases .
Problems that affect software or problems like cross site scripting will be immediately posted without any warning to the software vendor/webmaster.
We reserve the right not to answer the messages received from the affected companies or those through which vulnerabilities are reported.
For reported vulns. we will always give credits to the one who reported it.
We can’t guarantee that vulns received on the email contact at hacking.expose[at]gmail[dot]com have not already been used for malicious purposes prior to our posting them on our website and we are not to be held responsible for the deeds committed by the ones who reported these vulns.