Forum Rules & Guidelines 🔰

XploitLK

General Forum Rules

1. Respect & Professional Conduct

Treat all members with respect and courtesy
No harassment, bullying, discrimination, or personal attacks
Disagree with ideas, not people - keep discussions constructive
No hate speech, offensive language, or inappropriate content
Respect different skill levels - we all started as beginners

2. Quality Content

Use clear, descriptive thread titles
Post in the appropriate category
Search before posting to avoid duplicates
Stay on topic within threads
No spam, advertising, or self-promotion without moderator approval
Use proper formatting and code blocks for technical content

3. Account & Privacy

One account per person
No impersonation of others or organizations
Protect your own privacy - don't share sensitive personal information
Respect others' privacy - no doxxing or sharing private information

4. Language & Communication

English & Sinhala are the primary languages (unless in designated areas)
Use proper grammar and spelling when possible
Avoid excessive use of caps, emojis, or text speak
No trolling, flame wars, or derailing discussions

5. Moderation

Moderator decisions are final
Report rule violations using the report button
Don't mini-mod (backseat moderate) - let moderators handle issues
Constructive feedback about the forum is welcome in Site Feedback

Cybersecurity Ethical Guidelines

1. Legal Compliance

All activities discussed must be legal in your jurisdiction
Only perform security testing on systems you own or have explicit written permission to test
Unauthorized access to computer systems is illegal and will result in immediate ban
Do not discuss or facilitate illegal activities

2. Responsible Disclosure

Follow responsible disclosure practices for vulnerabilities
Do not publicly disclose unpatched vulnerabilities or zero-days
Give vendors reasonable time to patch before disclosure (typically 90 days)
Coordinate with security teams when reporting vulnerabilities

3. Prohibited Content

Absolutely no posting of:

Malware, viruses, ransomware, or malicious code designed to harm systems
Working exploits for unpatched vulnerabilities
Personal data obtained without authorization (passwords, credit cards, PII)
Instructions for illegal hacking or unauthorized access
Phishing kits, credential stuffers, or fraud tools
Methods to bypass security for illegal purposes

4. Educational Purpose Only

All security discussions must be for educational and defensive purposes
Tools and techniques should be used to improve security, not compromise it
When discussing offensive security, always emphasize ethical boundaries
CTF writeups and lab exercises are encouraged

5. Vulnerability Discussion Guidelines

You MAY discuss:

Publicly disclosed CVEs with available patches
Theoretical attack vectors for educational purposes
Security research methodologies
Defensive strategies and mitigations

You MAY NOT share:

Private exploits or proof-of-concept code for active threats
Details that could enable attacks on unpatched systems
Information about targets without their consent

6. Penetration Testing Ethics

Always obtain written authorization before testing
Define clear scope and rules of engagement
Respect boundaries and stop if you find critical issues
Report findings professionally and responsibly
Do not access, modify, or delete data beyond what's necessary

7. Tool Usage Responsibility

Security tools are dual-use - use them ethically
Document legitimate use cases when sharing tools
Warn about potential misuse implications
Do not provide step-by-step instructions for malicious use

8. Data Handling

Do not share leaked databases or stolen credentials
Respect data privacy laws (GDPR, CCPA, etc.)
Use sample/dummy data in examples and tutorials
Properly anonymize any real-world examples

Consequences for Rule Violations

Warning System

First Offense: Written warning and content removal
Second Offense: Temporary ban (7-30 days)
Third Offense: Permanent ban

Immediate Permanent Ban

Sharing malware or malicious code
Posting illegal content
Doxxing or sharing private information
Coordinating illegal activities
Creating multiple accounts to evade bans

Serious Violations

The following will be reported to appropriate authorities:

Discussion or planning of illegal hacking
Sharing exploits for critical infrastructure
Child exploitation material
Terrorism or violence planning
Large-scale fraud schemes

Best Practices for Community Members

For Beginners

Read the stickied posts in each section
Use the search function before asking questions
Provide context when asking for help
Show what you've already tried
Thank those who help you

For Advanced Members

Be patient with beginners
Explain concepts, don't just give answers
Share knowledge generously but responsibly
Mentor others in their learning journey
Lead by example in ethical conduct

For Everyone

Think before you post: Would this help or harm someone?
Ask yourself: Is this legal and ethical?
Remember: Everything you post is permanent and may be seen by future employers
Stay curious: Security is always evolving - keep learning
Give back: Help others as you've been helped

Reporting Violations

If you see content that violates these rules:

Use the Report button on the post
Provide specific details about the violation
Do not engage with the violator
Let moderators handle the situation

For urgent security concerns or illegal activity: Contact moderators immediately via private message.

Contact Moderators

For questions about these rules or to appeal a moderation decision, contact the moderation team through:

Private message to moderators
Site Feedback section (for non-urgent matters)

By participating in this forum, you agree to abide by these rules. Ignorance of the rules is not an excuse for violations.

Last Updated: January 2026
These rules may be updated at any time. Check regularly for changes.