null is an open forum dedicated to discussion and distribution of information pertaining to security vulnerabilities, exploits and security fixes. null aspires to nurture an active community of security researchers working towards addressing the most critical of security challenges, meanwhile spreading security awareness by encouraging responsible disclosure, conducting security trainings and awareness camps for corporations, students, government and other establishments.

Mailing List Subscription


To request to subscribe to the group, please visit the following page:

To post to this group, send email to

To unsubscribe from this group, send email to

Posting any Job Requirements –

For more options, visit this group at

Posting Guidelines

Posts should NOT contain

  • Any foul language, personal derogatory statements, attack towards any ethnic group, gender, religion or other affiliations.
  • Pornography, spam.
  • Personal replies. For example replies like: Thanks, Wow!, nice, I like it, nice email, nice idea, congratulations
  • Gratuitous advertising, marketing, self-promotion. If you would like to send a commercial email, please send a request to info |at| The final decision of allowing a commercial mail rests with the moderators.
  • Job Requirements/requests. If you want to advertise your Job requirements, kindly post them on n|u jobs portal Job seekers kindly apply for jobs through the same portal.
  • Questions like “How do I hack Gmail/Yahoo/ password?” Or “How to hack this site?”
  • Content not related to information security.
  • Queries regarding null meets. null chapter monthly meets are open to all. There is no registration required. Anyone can attend the meets and invite their friends/relatives as well.
  • Post containing only shortened URLs. For example: nice hack – http:// f00b4r
  • Everyone has a right to their opinion, criticism is acceptable but scolding, flaming, trolling will not be tolerated. In case you don’t appreciate criticism by other members please don’t email moderator(s), there is always the option to unsubscribe.
  • Please take the time to search through previous posts/FAQs/search engines to find answers before posting a new thread.
  • Irresponsible disclosures. If you would like to report a vulnerability, please send an email with the details of the vulnerability to keeda |at| and we will make sure you get your due credit.

What we usually reject with example

  • This is a response received for someone asking a question on SQL Injection: "SQL Injection might be blocked, try SQLi." Which, to be honest, makes no sense at all. If the person responding would have mentioned what he meant by SQLi we could have let it through.
  • Another set of question that gets asked quite often and is rejected: "Should I do CEH?" (or CISSP or ANY OTHER CERT) I mean, that’s the whole question. If there is no background on why you are in doubts to do it, this makes a very generic question. Give us some reasoning, some background and we’ll let it through for people to help you out. And another criteria for this sort of a question is that, it should not have been asked in the same month or two by someone else.
  • Other commonly rejected response is: "+1", "Thanx!" etc. We usually accept the "Thanks" response from the person who posted the original question but not from others. If you found some question useful, add some more details like "Thanks! I found your reply useful for me as well because I could bypass our companies PHP filter with it".
  • Repeat Answers, Yes! This is a very generic problem that we have but we don’t block it as often as we should. Once someone replies that you should "Use the XYZ framework and it will help you out" others reply with "Using XYZ framework should help", "Framework XYZ is helping me a lot" etc. Unless you add something more than what the initial response said, refrain from posting.
  • Hijacking threads, A lot of people tend to post their question on someone else’s thread or a very old thread, which is not allowed to pass through to the list most of the time. Even if your initial part contains answer to the original question. So, please start a new thread, that’s the only advice we can give.

Moderation / Administration

All new members are put under moderation by default. As and when they start posting to the list their IDs are removed from moderation. The list is expected to be self-policing like any other public mailing list, however on violation of any of the above mentioned rules, moderator(s) reserves the right to remove the mail thread or even ban the offending member from the forum with or without any warning.


null or moderator(s) do not approve, validate, endorse or recommend any views, thoughts, content, tools, exploits, disclosures, vulnerability posted on mailing list by third party (i.e. anyone other than the moderator(s)). The list falls under public preview and due to the nature of the list where issues pertaining to security are discussed, members should exercise their discretion before posting any sensitive content on the null mailing list. The author will be held responsible and accountable for their post on the null mailing list. While moderator(s) makes every effort to remove any inappropriate content from the list, NULL OR ITS MODERATOR(S) CANNOT BE HELD RESPONSIBLE OR LIABLE FOR ANY DAMAGE CAUSED BY A POST IN ANY WAY. In case there are legal implications of a post, null stand to fully cooperate with any law enforcement agency that requires information available with us. This charter and its terms and conditions are subject to change without any prior intimation. The latest null Mailing list charter will be available at and will also be circulated periodically through null mailing list. All the members should adhere to the current Terms and Condition of this charter. If you do not agree to the terms and conditions, please unsubscribe from the null mailing list.

Last edited: 2020-04-13 21:13:21 +0530