zephryx.in
The apex website and the content or endpoints served directly from this host.
https://zephryx.inPOLICY ACTIVE
RESPONSIBLE DISCLOSURE / GOOD-FAITH RESEARCH
I want valid issues fixed, and I will not punish careful researchers acting in good faith. Read the scope before touching anything.
01 // SCOPE
The apex website and the content or endpoints served directly from this host.
https://zephryx.inThe public alias and redirect behavior for the main website.
https://www.zephryx.inOther subdomains, social accounts, email providers, hosting infrastructure, and third-party services are not authorized unless listed here later.
NO IMPLIED SCOPE02 // RULES OF ENGAGEMENT
03 // SAFE HARBOR
Research performed in good faith, within this policy, is considered authorized by me to the extent I can grant that authorization. I will not initiate or support legal action for accidental, good-faith violations of this policy.
If you are unsure whether a test is allowed, ask before continuing. This safe harbor does not authorize unlawful activity, apply to third-party systems, or waive anyone else’s rights.
If a test could harm a person, their data, or service availability: do not run it.04 // REPORTING
Email the report with a clear subject. Include the affected URL, impact, exact reproduction steps, and the smallest proof that confirms the issue.
Do not send passwords, API keys, session tokens, or private third-party data. If sensitive data appeared accidentally, describe it without pasting the value.
Affected URL: Summary: Security impact: Steps to reproduce: 1. 2. 3. Minimal proof of concept: Browser / environment: Suggested fix (optional): Credit preference: named / anonymous
05 // WHAT HAPPENS NEXT
06 // REWARDS & CREDIT
There is currently no paid bug bounty, swag, or guaranteed reward. Please do not test expecting payment.
Useful, responsible reports may be credited publicly—with your permission only. Anonymous reporting is respected.
GENERAL CONTACT →