Full Disclosure mailing list archives

Re: Legality of Open Source Tools

From: Sullo <csullo () gmail com>
Date: Fri, 4 Apr 2014 15:12:37 -0400

After a dozen-ish years of Nikto and some other tools, it's not been a
problem for me either.

However, it doesn't have to be illegal for someone to sue you, or include
you in a court case, which can ruin your day and possibly cost you money
regardless of right or wrong.  Having disclaimers and a license with a
forum selection clause can make your life easier should the worst case
thing happen.

Just my $.02--the closest I am to being a lawyer is having watched Boston
Legal.

-Sullo


to DoS something
On Fri, Apr 4, 2014 at 2:29 PM, Andres Riancho <andres.riancho () gmail com>wrote:

Hi. As w3af's project leader I've not received any legal threats over
the seven years this project has been alive.

Only a couple of months ago, and just to be sure, I added this
disclaimer which users need to accept to run the tool.

DISCLAIMER = """Usage of w3af for sending any traffic to a target
 without prior mutual consent is illegal. It is the end user's
responsibility to
 obey all applicable local, state and federal laws. Developers assume
no liability
 and are not responsible for any misuse or damage caused by this
program."""

On Fri, Apr 4, 2014 at 7:58 AM, Bryan Bickford <bryan () unhwildhats com>
wrote:

Greetings

I am a security researcher who is working on a project in my free time,
without going into details - the project will end with a powerful tool
being publicly released.

Obviously most cyber security tools have the potential for abuse. What

sort

of legal hurdles (if any) do you need to overcome to protect yourself

when

releasing software along the lines of metasploit?

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/




--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/




-- 

http://www.cirt.net     |      http://rvasec.com/

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

Re: Legality of Open Source Tools, (continued)
- - - Re: Legality of Open Source Tools Toni Korpela (Apr 05)
    - Re: Legality of Open Source Tools Henri Salo (Apr 06)
    - Re: Legality of Open Source Tools Jeffrey Walton (Apr 06)
    - Re: Legality of Open Source Tools Toni Korpela (Apr 06)
    - Re: Legality of Open Source Tools Toni Korpela (Apr 06)
    - Re: Legality of Open Source Tools Daniel Wood (Apr 07)
    - Re: Legality of Open Source Tools Not EcksKaySeeDee (Apr 04)
    - Re: Legality of Open Source Tools Brunner, Mark (Apr 04)
    - Message not available
    - Re: Legality of Open Source Tools John Young (Apr 05)
    - Re: Legality of Open Source Tools coderman (Apr 06)
  - Re: Legality of Open Source Tools Sullo (Apr 04)
- Re: Legality of Open Source Tools coderman (Apr 06)