legal · disclosure

Responsible Disclosure

Found a vulnerability in AMMAR.EXE? Tell us first.

documentupdated · 2026-07-01jurisdiction · global
01

How to report

Email security@ammar.exe with a clear technical writeup and PoC.

PGP key available on request.

Initial response within 48 hours.

02

Rules of engagement

No social engineering of staff or users.

No DoS / resource exhaustion testing.

No automated scanners against production.

Stick to your own test account.

03

Hall of fame

Valid reports earn a public hall-of-fame mention, swag, and (eligibility-dependent) a bounty.

end · of · document
Explore related policies
Everything you need to know about how AMMAR.EXE operates.