Consent
All hacking activities are carried out only with the full and explicit consent of the affected party.
Transparency
Procedures and methods are communicated openly and documented to promote trust and understanding.
Security
The security and integrity of the affected systems are ensured at all times, and access is strictly controlled.
Privacy
The protection of personal data is ensured, and any form of data leakage or unnecessary data collection is avoided.
Legality
All activities strictly comply with the applicable laws and regulations.
Coordinated Disclosure
Disclosures of results are carried out exclusively according to previously agreed guidelines.
Respect
A respectful interaction with all parties involved is always maintained.
Report First
Hackers explicitly follow the 'Report First' strategy, instead of 'Exploit First'. After the initial reporting of a vulnerability, they ask the company if further investigations are desired to coordinate appropriate steps together.