legal · disclosure
Responsible Disclosure
Found a vulnerability in AMMAR.EXE? Tell us first.
documentupdated · 2026-07-01jurisdiction · global
01
How to report
Email security@ammar.exe with a clear technical writeup and PoC.
PGP key available on request.
Initial response within 48 hours.
02
Rules of engagement
No social engineering of staff or users.
No DoS / resource exhaustion testing.
No automated scanners against production.
Stick to your own test account.
03
Hall of fame
Valid reports earn a public hall-of-fame mention, swag, and (eligibility-dependent) a bounty.
end · of · document
Explore related policies
Everything you need to know about how AMMAR.EXE operates.