Copyright Policy
From Frequently Asked Questions
Copyright inquiries relating to the Digital Millennium Copyright Act (DMCA)

The Library of Congress — which periodically reviews and grants exemptions to the DMCA — has established specific rules that explicitly exempt security researchers from liability for circumventing access controls to discover security vulnerabilities in software and hardware. This exemption applies to actions such as bypassing encryption, DRM, or other security mechanisms that might otherwise impede the identification of flaws that compromise system integrity or user privacy.

If you are a software vendor or law firm looking to file DMCA notices against Packet Storm, Section 512(f) explains the consequences of filing an improper DMCA notice. A false or misleading takedown request can result in financial liability for legal costs. Packet Storm has had multiple software vendors try to suppress vulnerability information (and fail) through these filings and will not cave to these intimidation tactics.

User submissions and copyright

Following several incidents where purported authors of artifacts held in the Packet Storm collection have asked us to remove or modify material held in the collection, we are forced to ask authors to provide proof of copyright in the event that there is a request made to remove or modify an artifact. We also ask that authors be able to show proof that they are the originators of the artifact. The following points are recommendations aimed at minimizing future risks.

Copyright Notices

Works should hold a copyright notice if they are copyrighted. The copyright notice should be obvious and legible to prevent unknowing infringement, and if applicable, (e.g. papers) the notice should appear on every page. Mark any copies of your work with a copyright notice.

The copyright notice should take the form of the following:

  • The actual term "copyright"
  • The copyright symbol © [not just a c in brackets (c) as some countries do not recognize this format]
  • The year [normally when first published, but for unpublished work, use the year it was written]
  • the name of the copyright owner [this can be an legal individual, collective or organization]
  • Please do not use non-legally associated pseudonyms (e.g. "Copyright © 2020 Barack Obama").

Copyright Disclaimers

You should also include a disclaimer of some kind expressing your wishes as the copyright owner; a simple "All rights reserved" is normally sufficient but, a more explicit declaration is recommended such as "Any unauthorized broadcasting, archival or copying will constitute an infringement of copyright".

There are many different wordings depending on the terms deemed acceptable to the copyright owner. Please consult with a reputable authority on copyright legislation for more advice. Please note that Packet Storm will house copyrighted works if permission is given in the document to distribute without modification.

Supporting Evidence

Additional evidence to support your claim in case of dispute should include software "footprints" (algorithms, etc.) that can uniquely identify you as the author and keep as much of the background work as you can (e.g. experimental log files, working documents, sketches and drafts, earlier versions, prototypes). If you ever make a claim to a Copyright Tribunal or a court this can be very valuable as it demonstrates evolution of your ideas.

Register Your Work

To prove your work was created before a certain date, and to give stronger supporting evidence, we recommend that you register your work with an independent agent, who can substantiate your claim in case of a dispute.

A registration with a Copyright Service is probably the most reliable way to ensure your rights are protected under local, national, and international intellectual property laws.

Agreement Between Co-authors

In the case of jointly authored works, you should have some agreement, whereby if a member of your group, organization, or collective leaves you are all clear what will happen to the copyright of your work.

The most straightforward method to take when deciding your agreement is to think of your organization, collective, or principal writer/writers as an employer for whom you work. Normally, if you produce work under contract for a business or third party, the business will hold the copyright to that work.

Additional Points of Note

If a work is produced as part of your employment or under contract to a third party (e.g. freelance work), normally the copyright belongs to the person/company who hired you, unless you have an agreement to the contrary.

Only the owner of copyright, or his exclusive licensee can bring proceedings in the courts against an infringement.

Copyright does not exist in names, colors, inventions, or ideas, but may exist in a work expressing or composed from these concepts.

Fair Use of Exploits Found in Honeypots

Exploits which are illegally left in "honeypots" can and will be published in the archive. This is done for the purpose of educating our users about security threats. It is legal to publish code abandoned in honey pots as this is fair use of the programs under 17 U.S.C.A 117.

Fair use is determined by the following criteria:

The purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;
The nature of the copyrighted work;
The amount and substantiality of the portion used in relation to the copyrighted work as a whole;
The effect of the use upon the potential market for or value of the copyrighted work. 17 U.S.C.A 107


If you have any questions, feel free to send a message to a sysop or send Support an email.


Help Section



 About | Terms | Copyright | Privacy | BlueSky | X | Mastodon
 © 2024 - 2025
All Rights Reserved Packet Storm Security, LLC
Hosting provided by: RokaSecurity