17 comments

[ 3.1 ms ] story [ 49.2 ms ] thread
I wasn't clear on the verification performed to ensure the client had authority to perform testing against the chosen target.
You have to verify user.
I think you misunderstand the concern, suppose a user enters gov.mil as a domain to test with which they are unaffiliated.

The tools test it and with disastrous affect all governmental and military services go offline.

It would be reasonable to then take legal action against the platform rather than the user, as the user did not confirm they had permission to perform testing or that they understood the risks involved.

20 cybersecurity tools, 0 frontend developers on the payroll
Looks pretty standard for autogenerated API documentation to me.
I don't see a problem here.
0 QAs as well...
"Don't be snarky."

"Please don't post shallow dismissals, especially of other people's work. A good critical comment teaches us something."

"Please don't complain about tangential annoyances—e.g. article or website formats, name collisions, or back-button breakage. They're too common to be interesting."

https://news.ycombinator.com/newsguidelines.html

(comment deleted)
(comment deleted)