1. Ethical conduct

  • Never access, probe, or test any system, network, or account without explicit written authorisation from the owner.
  • All practical activities must take place only on designated lab environments, personal machines, or platforms explicitly designed for ethical hacking practice (e.g., HackTheBox, TryHackMe, CTF challenge servers).
  • Do not use club resources, knowledge, or tools to conduct, facilitate, or assist any attack — regardless of perceived intent or target.
  • Report any discovered vulnerability in university systems immediately to the faculty coordinator and follow responsible disclosure principles.

2. Academic integrity

  • Club activities, tools, and techniques must never be used to gain an unfair academic advantage — including accessing exam systems, institutional databases, or administrative platforms without authorisation.
  • Write-ups, research, and shared materials must credit original authors. Plagiarism is not tolerated.
  • All club publications, presentations, and reports must be honest, accurate, and review-approved before sharing externally.
  • Membership does not exempt any student from ASE's academic regulations and honour code.

3. Respect & inclusion

  • CyberSpASE is a harassment-free environment. Discrimination based on gender, ethnicity, religion, disability, sexual orientation, or academic background is not tolerated.
  • Treat all members, guests, faculty, and industry speakers with courtesy and professionalism.
  • Constructive criticism of ideas is encouraged; personal attacks are not.
  • Beginner questions are always welcome. Mocking or dismissing less experienced members undermines the club's mission.

4. Lab & equipment rules

  • University lab equipment and network infrastructure must be used only for authorised club activities.
  • Do not install unauthorised software on university systems.
  • Isolate all penetration testing and malware analysis work in dedicated, air-gapped or sandboxed environments.
  • Leave shared lab spaces clean and in the same state as found. Report any damage or configuration changes to a coordinator.

5. Confidentiality

  • Information shared within the club — including internal tools, challenge solutions before public release, and member personal data — must not be disclosed outside the club without permission.
  • Do not share or publicly post solutions to ongoing CTF competitions in which the club is participating.
  • Guest speakers and industry partners may share non-public information during talks. Such information must remain confidential unless explicitly stated otherwise.

6. Communication

  • Official club communication channels must not be used to share illegal content, pirated material, or harmful tools.
  • Do not impersonate other members, faculty, or external organisations in any channel or platform.
  • Social media posts that mention CyberSpASE or ASE must reflect the club's values and be factually accurate.
  • Disputes within the club should be resolved internally with the help of a coordinator before escalating.

Reporting a concern

If you witness or experience a violation of this Code of Conduct, report it to a faculty coordinator or student lead in confidence. All reports are handled seriously and promptly. Retaliation against anyone who reports in good faith is itself a violation of this code.

Consequences

Violations may result in:

  • A formal warning from the faculty coordinator
  • Temporary or permanent removal from CyberSpASE
  • Referral to ASE's student disciplinary committee
  • Referral to law enforcement for criminal activities