These materials are provided by Hikma Foundation exclusively for educational purposes as part of our Ethical Hacking Series. All participants must have signed our "Do No Harm Agreement" before accessing or using these materials.
STOP! Before proceeding, you must:
- ✅ Be enrolled in a Hikma Foundation Ethical Hacking Series
- ✅ Have signed the Do No Harm Agreement
- ✅ Understand that unauthorized use for tools is illegal and may result in criminal prosecution
If you have not signed the agreement, contact your instructor immediately.
These tools and techniques may ONLY be used on:
- Your own personal systems (computers, VMs you own)
- Designated lab environments (OWASP Juice Shop, DVWA, etc. running locally)
- Hikma Foundation training infrastructure
Using these materials for unauthorized access to any system violates:
- Federal Law: Computer Fraud and Abuse Act (18 U.S.C. § 1030) - up to 20 years imprisonment
- North Carolina Law: N.C. Gen. Stat. § 14-458 (Computer-related crimes)
- Civil Liability: Damages, fines, and legal fees
"Educational purposes" does not authorize illegal activity.
TO THE MAXIMUM EXTENT PERMITTED BY LAW:
Hikma Foundation, its directors, officers, employees, instructors, volunteers, and affiliates ("Foundation Parties") are NOT LIABLE for:
- Any misuse of these materials by participants
- Any illegal, unethical, or unauthorized actions by participants
- Any damages, losses, harm, or legal consequences resulting from participant actions
- Any criminal charges, civil liability, or professional consequences faced by participants
Materials are provided "AS IS" without warranty of any kind. Foundation Parties make no representations about the accuracy, reliability, or completeness of materials.
Participants acknowledge they act independently and not as agents of Hikma Foundation. The Foundation does not endorse, authorize, or condone any misuse of training materials.
By using these materials, you agree to indemnify, defend, and hold harmless all Foundation Parties from any claims, damages, losses, liabilities, costs, or expenses (including attorney's fees) arising from:
- Your use or misuse of training materials
- Your violation of any law, regulation, or the Do No Harm Agreement
- Any unauthorized access to computer systems
- Any negligent or intentional misconduct
- Any third-party claims arising from your actions
- Your personal computers and virtual machines
- Locally-hosted intentionally vulnerable applications:
- OWASP Juice Shop (http://localhost:3000)
- DVWA (http://localhost)
- OWASP WebGoat
- Authorized CTF platforms (HackTheBox, TryHackMe - follow their terms)
- All of this IN ISOLATED NETWORKS
- Production websites or applications
- Corporate networks or systems
- Educational institution systems (unless you're the IT administrator)
- Government systems
- Any system you don't personally own
- Third-party services or APIs
Get written authorization FIRST. Verbal permission is insufficient.
Follow the Do No Harm Agreement:
- STOP immediately - do not continue testing
- Report responsibly to the affected organization's security team
- Do not exploit, publish, or share the vulnerability
- Allways Allow time for remediation before any disclosure
Responsible disclosure protects you legally and ethically.
As a Hikma Foundation participant, you commit to:
- Use knowledge to protect, not harm
- Test only authorized systems
- Respect privacy, property, and legal boundaries
- Report vulnerabilities responsibly
- Act with integrity in all conduct
- Comply with all laws and regulations
Your professional reputation starts now.
This training is governed by the laws of North Carolina and the United States.
By accessing these materials, you acknowledge you are subject to North Carolina and federal law regardless of your location.
Each module requires completion of the Do No Harm Agreement.
| Question | Answer |
|---|---|
| Can I test my school's network? | NO - Unless you are authorized IT staff with written permission |
| Can I test websites for practice? | NO - Only test designated lab environments or systems you own |
| What if I find a bug accidentally? | STOP, do not explore further, report responsibly |
| Is "ethical hacking" a legal defense? | NO - Unauthorized access is illegal regardless of intent |
| What if I'm just curious? | Don't do it - Curiosity is not authorization |
- Only test what you own or have written permission to test
- When in doubt, DONT DO IT
- If it feels wrong, it probably is - DONT DO IT
By proceeding, you certify that:
- I have signed the Hikma Foundation Do No Harm Agreement
- I will only use these materials for authorized, lawful purposes
- I understand unauthorized access is a serious crime
- I accept full personal responsibility for my actions
- I agree to indemnify Hikma Foundation for any misuse
- I understand violations result in immediate termination and legal action
If you cannot certify all of the above, you may not use these materials.
- Do No Harm Agreement (must be signed before participation)
Remember: Cybersecurity professionals are trusted to protect systems, not attack them.
- Employers conduct thorough background checks
- Criminal records disqualify you from security positions
- The security community values ethical behavior
- Your actions today affect your future career
Use your powers for good.
You are bound by:
- The Hikma Foundation Do No Harm Agreement (signed)
- This disclaimer and terms of use
- All applicable federal and North Carolina laws
- Terms of service for any platforms and tools used
Hikma Foundation is not liable for your actions. You act at your own risk and are solely responsible for compliance with all legal and ethical requirements.
Hikma Foundation empowers learners with cybersecurity knowledge to build safer digital communities. We believe security education creates defenders, not attackers.
Thank you for learning responsibly.
© 2025 Hikma Foundation. All Rights Reserved.
Version: 1.0
Last Updated: November 2025