diff --git a/SECURITY.MD b/SECURITY.MD index 754bf00..17d4faa 100644 --- a/SECURITY.MD +++ b/SECURITY.MD @@ -4,18 +4,18 @@ This repository contains information on accessing Windows APIs and functions on the JavaScript runtime, along with recent case studies. While this can provide a flexible development environment for anyone, it can also be misused for malicious purposes. Please be aware that using this project to create abuse tools, such as a DoS attack, may result in legal punishment in your country. We encourage you to use this project only for creating web technology-based applications, like Electron, or legally permitted testing tools. ## Known use cases -WelsonJS is typically used in the following situations: +WelsonJS is typically used for the following purposes: - * Test web accessibility and compliance: e.g. W3C standards(WEB-ARIA, WCAG), The national laws(ADA/DDA, GDPR) - * Explore vulnerabilities of equipment within the local network - * Improve availablity of a clients of VPN or Proxy - * Build automation, CD/CI(Continuous Integration/Continuous Delivery), DevOps, SecOps + * Testing web accessibility and compliance, including adherence to W3C standards (WEB-ARIA, WCAG), national laws (ADA/DDA, GDPR), and other relevant regulations. + * Exploring vulnerabilities of equipment within the local network. + * Improving the availability of VPN or Proxy clients. + * Building automation, CD/CI (Continuous Integration/Continuous Delivery), DevOps, and SecOps. -Note 1: If you deviate from the previous case mentioned above, please contact us before using it. +Note 1: If you plan to use WelsonJS for a purpose other than those mentioned above, please contact us beforehand. -Note 2: A similar approach that WelsonJS uses has been called `LOLBins` in the cyber security community since 2018. This is not intended to be but you will get useful hints you need for extensions. +Note 2: A similar approach to WelsonJS has been called LOLBins in the cybersecurity community since 2018. While WelsonJS is not intended to be used for malicious purposes, it may provide useful hints for extensions. ## Report abuse -If you find any abuse cases of this project, please report it. +If you discover any instances of this project being misused, please report them. * abuse@catswords.net