To security researchers (or anyone) hunting for vulnerabilities:
Feel free to try attacking the server hosting this, it really doesn't do much.
The only thing I ask is that you limit brute-force or DoS attacks, as
that just dumps alerts to my monitoring tools which gets quite annoying.
Attacking any other server besides the one hosting this message is not
permitted.
Please report exploitable vulnerabilities for any applications to the maintainers
privately, then shoot me an email at [email protected] using this gpg key. I'm
definitely curious about your attack chain, so if you feel like it,
send that to me too.
Also, going to https://www.foolsump.com/index2.html contains the POC for
the Follina vulnerability. I would check the code with something like curl
first, because trusting a random server to give you a "safe" zero-click
exploit that "just opens the calculator" is stupid.