The Site HOUND project takes security seriously. We encourage responsible disclosure of vulnerabilities to ensure the safety of users and the integrity of the project.
The following versions of Site HOUND are currently supported with security updates:
| Version | Supported |
|---|---|
| v2.0.0+ | β Yes |
| <v2.0.0 | β No |
β οΈ Always use the latest version to stay protected.
If you discover a security vulnerability, please do not disclose it publicly.
Instead, report it responsibly:
- π§ Email: bcs.team.oficial@gmail.com
- π¬ GitHub Issues: Use private reporting (if available)
- π Facebook (Private Message): Bangladesh Cyber Squad
To help us investigate quickly, include:
- π Description of the vulnerability
- π― Affected component (module, function, feature)
- π Steps to reproduce
- π₯ Potential impact
- π Proof-of-concept (if possible)
| Stage | Time |
|---|---|
| Initial response | within 24β72 hours |
| Investigation | 3β7 days |
| Fix release | depends on severity |
We aim to respond as quickly as possible.
We follow a responsible disclosure approach:
- β No public disclosure before fix
- β Coordinated disclosure after patch
- π€ Credit will be given (if requested)
This policy applies to:
- Core fuzzing engine (
site-hound.py) - Wordlist processing system
- Header spoofing engine
- Async request handling
- Output & logging system
The following are not considered vulnerabilities:
- Misuse of the tool
- Scanning without permission
- Target-side vulnerabilities
- Rate limiting or blocking by target servers
- β Use only on authorized targets
- β Avoid aggressive scanning on production systems
- β Use rate limiting to prevent disruption
- β Respect legal and ethical boundaries
This tool is intended for educational and authorized security testing only.
The maintainers are not responsible for:
- misuse of the tool
- illegal activities
- damage caused by improper usage
We appreciate responsible security researchers who help improve this project.
βSecurity is not a feature β it is a responsibility.β