Imprint of the Vulnerability Lab - Privacy, Data Protection & Law

Company: Evolution Security GmbH - (Vulnerability Laboratory )
Representative & Owner: Benjamin Mejri (Kunz)

Domains: www.vulnerability-lab.com or www.vuln-lab.com
Administration: [EMAIL] [PGP KEY]

General Information
Vulnerability-Lab does not endorse or recommend any commercial products, processes, or services. The views and opinions of authors expressed on the Vulnerability-Lab and the VMA do not necessarily state or reflect those of Vulnerability-Lab. All files on this website have been checked for viruses or evil malicious functions. However, Vulnerability-Lab accepts no responsibility for any damage caused by viruses, exploits or any other code suffered as a result of using this site. All files viewed and/or downloaded are at the user's own risk. We do our best to transfer all poc with secure or modified content to the free accessable main website of v-lab.

Justice, Law , Hacker Paragraph & Co. ... ?
We work & program in a local isolated environment and do not use hacker tools. We analyze vulnerabilities with professional resources and skills. Research Team will never publish hacking programs or any type of illegal stealer programs. Which are but not limited to phishing kits, bank trojans or exploit kits. We pay extra attention to follow all necessary German/European laws, but use our right to exchange information in a normal way! All the submitted vulnerabilities will only be shared with the manufacturer of the product (days/weeks before publishing) and after that their published to protect your local environment. If submissions contain malicious code or illegal comments or details, the problem section will be removed/modified or replaced with something harmless. This to protect the vendor and after publishing all users of the Vulnerability Laboratory & Co. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material. We do not publish advisories/vulnerabilities of religious, militant and racist hacker/analyst/researcher groups or individuals. We have no need for criminal activities or membership requests. Those kind of requests will be deleted instantly without any comment.

External Links & Websites
The Vulnerability-Lab may contain links to or may be accessible from links within related or unrelated World Wide Web sites and resources. Vulnerability-Lab shall not be liable for any loss, injury, claim, liability, or damages, especially caused by viruses, damages of any kind arising out of or in connection with such links. You should direct any concerns regarding any outside link to its site administrator. You may be transferred to other third party sites through links from our site. You are cautioned to read the external websites “Terms of Conditions” and “Privacy Policies” before using them, in order to be aware of their terms and conditions of use. These sites may contain information or material that is illegal, unreasonable or that some people may find inappropriate or offensive. These other sites are not in anyway under the control of Vulnerability-Lab , are not monitored or reviewed by Vulnerability-Lab , and Vulnerability-Lab is not aware of their contents. You acknowledge that Vulnerability-Lab is not responsible for the accuracy, copyright compliance, legality, decency, or any other aspect of the contents or any transmissions received through such sites. The inclusion of such a link does not imply endorsement of the site by the Vulnerability-Lab or any association with its operators and is provided solely for your convenience. You agree that Vulnerability-Lab has no liability whatsoever from such third party sites and your usage of them. Users cannot assume that the external sites will abide by the same policies to which Vulnerability-Lab adheres. The Vulnerability Laboratory and the Evolution Security GmbH will not be held liable for any delays, inaccuracies, errors or submissions in the Vulnerability Laboratory, in the transmission or delivery of all or any part thereof, or for any damages arising from any of the foregoing. The Evolution Security GmbH and the Vulnerability Laboratory Program does not represent or endorse the accuracy or reliability of any content.

Data-Security & Encryption
Use of this website is possible without providing personal information like adress, name and location. There are only pseudonyms(nicknames) or the choice to be an anonymous researcher. IP addresses and normal page requests are not collected, only destructive requests (Web Attacks, DDoS and Spam) are monitored by the monitoring system. If any illegal actions take place, IP addresses, or sessions from the attack will be forwarded to investigative authorities. File transfers can be handled secure via inline pgp or through encrypted application connection. The stored user information of this portal are high encrypted. We also do not allow to setup an own password or to change the email for security reason.

Researchers, Exploiters & Analysts - Data Protection
We do not publish researcher mails, conversations, numbers or anything else to journalists, investigative authorities or private persons. We have no need who wants to buy or need private data located to any person, statistic or group of the laboratory. Researchers & exploiters of the research laboratory infrastructure are allowed to publish vulnerabilities as anonymous person by usage of the `Anonymous - N/A` account status. We provide encryption (pgp) to the contact mails of service and researchers in the lab to secure the sensitive information.

This data protection declaration is intended to inform users of this website in accordance with the Federal Data Protection Act and the Telemedia Act about the type, scope and purpose of the collection and use of personal data by the website operator of "Evolution Security GmbH". The website operator takes your privacy very seriously and treats your personal data confidentially and in accordance with legal regulations. Please note that data transmission over the Internet can be affected by public or non-public security vulnerabilities. Complete protection against access by third parties cannot be 100% guaranteed.

Access Data
The website operator or page provider collects data about access to the site and saves it as "server log files". The following data is logged in this way: Visited websiteor page, Time at the time of access, Amount of data sent in bytes, Browser, Operating system, IP and Adress.

The collected data is only used for statistical analysis and to improve the website. However, the website operator reserves the right to check the server log files at a later date, should concrete indications point to illegal use.

Cookies
This website uses cookies. These are small text files that are stored on your mobile device. Your browser accesses these files. The use of cookies increases the user-friendliness and security of this website. Common browsers offer the option to disable cookies. Note: There is no guarantee that you will be able to access all the features of this website without restrictions if you make the appropriate settings.

Handling of Personal Data
The website operator collects, uses and passes on your personal data only if this is permitted by law or if you consent to the collection of data. Personal data is any information that is used to determine who you are and which information can be traced back to you - such as your name, e-mail address and telephone number.

Handling of Contact Data
If you establish contact with the website operator through the contact options offered, your details will be stored so that they can be used to process and answer your enquiry. These data will not be passed on to third parties without your consent.

Handling Comments and Contributions
If you leave a contribution or comment on this website, your IP address will be saved. This serves the security of the website operator: If your text violates the law, he wants to be able to trace your identity.

Newsletter Subscription
The website operator offers you a newsletter in which he informs you about current events and offers. If you would like to subscribe to the newsletter, please enter a valid e-mail address.

Rights of the User: Information, Correction and Deletion
Upon request, you as a user will receive free information about the personal data stored about you. If your request does not conflict with a legal obligation to store data (e. g. data retention), you have the right to correct incorrect data and to block or delete your personal data.

Links to other Websites
If you access an external website via a link from our site (external source), the external provider may receive information from your browser about where you were referred to it on our website. In this case, the data owner is the external provider. Like any other Internet site provider, we are not in a position to influence or monitor this process.

Information on the Scope of Application
If you have any further questions, for example about data that we have stored on your person, after inquiries or comments, please contact us directly via our company. You can view the individual contact options in our imprint or the contact page. Our company fulfils your right to information and deletion within the framework of the general data protection (DSVG) & the european data protection ordinance (EU-DSVG)

Copyrights, Permission & Trademarks
All pictures, texts, advisories, sourcecodes, ressources, videos and other information of the vulnerability lab website is trademark of the evolution security gmbh company & the specific authors, manufacturer or manager team. To record, public list(feed/auto), modify, public demo usage, copy or edit our material contact the administrators or managers of the program to get a permission.

Vulnerability Laboratory - Vulnerability Research Program (EU)
www.vulnerability-lab.com or www.vuln-lab.com