A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: https://support.simkl.org



# Don't even think about contacting for a beg bounty! No, it's not a typo, read on...

#

# We run this site for free and rely on community goodwill. By all means, if you find an *actual*

# security vulnerability then contact us and tell us what it is. If you find something awesome then

# we'd love to provide with a VIP status. But if you've just run some automated tooling, found something

# trivial then reached out with the expectation of cashing in, you're going to be disappointed.