Rules of engagement
Make or Break exists to teach offensive security ethically. Membership is contingent on following these rules. They are not fine print.
1Authorized targets only
Only attack machines you own, machines this platform explicitly provides for you, or systems you have written permission to test. Everything on Make or Break is designed around targets you run yourself or that are provisioned for you.
2Never touch third parties
Do not point tools, scans, or exploits at any system that is not an authorized target. Scanning or attacking systems without permission is illegal in most jurisdictions and will get you banned here.
3Keep techniques in the lab
The skills you learn are powerful. Use them to defend, to test with permission, and to build. Do not use them to cause harm, steal, or disrupt.
4Responsible disclosure
If you find a real vulnerability in a real system in the course of your own authorized work, report it responsibly to the owner and give them time to fix it before any disclosure.
5No flag sharing
Submit flags you captured yourself. Sharing flags or writeups for un-retired machines undermines everyone's learning and is treated as cheating.