The usd HeroLab contains confidential and/or legally protected information. Why? In the usd HeroLab heroes are trained for a good cause. The objective is to get better and better. Only those who solve the most difficult problems and the most complicated vulnerabilities will be capable of really helping to provide protection against attacks. Therefore, publishing configurations and solutions is strictly prohibited. Anything else would be unfair as it would spoil the joy and the pride of those who work hard to meet the challenges in the HeroLab.
Code of Ethics
Users of the HeroLab apply the skills that they have gained here only within the limits of applicable law. They are also obliged to comply with the EC Council’s Code of Ethics (as at January 4, 2015; source: EC Council):
01 Privacy private any confidential information gained in her/his professional work, (in particular as it pertains to client lists and client personal information). Not collect, give, sell, or transfer any personal information (such as name, e-mail address, Social Security number, or other unique identifier) to a third party without client prior consent.
02 Intellectual Property Protect the intellectual property of others by relying on her/his own innovation and efforts, thus ensuring that all benefits vest with its originator.
03 Disclosure Disclose to appropriate persons or authorities potential dangers to any e-commerce clients, the Internet community, or the public, that she/he reasonably believes to be associated with a particular set or type of electronic transactions or related software or hardware.
04 Areas of Expertise Provide service in their areas of competence, being honest and forthright about any limitations of her/his experience and education. Ensure that she/he is qualified for any project on which he/she works or proposes to work by an appropriate combination of education, training, and experience.
05 Unauthorized Usage Never knowingly use software or process that is obtained or retained either illegally or unethically.
06 Illegal Activities Not engage in deceptive financial practices such as bribery, double billing, or other improper financial practices.
07 Authorization Use the property of a client or employer only in ways properly authorized, and with the owner’s knowledge and consent.
08 Disclosure Disclose to all concerned parties those conflicts of interest that cannot reasonably be avoided or escaped.
09 Management Ensure good management for any project he/she leads, including effective procedures for promotion of quality and full disclosure of risk.
10 Knowledge Sharing Add to the knowledge of the e-commerce profession by constant study, share the lessons of her/his experience with fellow EC-Council members, and promote public awareness of benefits of electronic commerce.
11 Confidence Conduct herself/himself in the most ethical and competent manner when soliciting professional service or seeking employment, thus meriting confidence in her/his knowledge and integrity
12 Extreme Care Ensure ethical conduct and professional care at all times on all professional assignments without prejudice.
13 Malicious Activities Not associate with malicious hackers nor engage in any malicious activities.
14 No Compromise Not purposefully compromise or cause to be compromised the client organization’s systems in the course of your professional dealings
15 Legal Limits Ensure all penetration testing activities are authorized and within legal limits.
16 Involvement Not partake in any black hat activity or be associated with any black hat community that serves to endanger networks.
17 Underground Communities Not be part of any underground hacking community for purposes of preaching and expanding black hat activities.