pocforge is a defensive security scanner. It is intended for use against:
- Targets you own
- Targets in scope of an authorized bug-bounty program
- Targets you have written permission to test
- Deliberately vulnerable training apps (DVWA, OWASP Juice Shop, testphp.vulnweb.com)
Running it against anything else may be illegal in your jurisdiction. That is your problem, not the maintainer's.
If you find a bug in pocforge itself (false positives that could embarrass a researcher, a crash on malformed responses, a missed detection on a known-vulnerable fixture), open an issue. If the bug has security impact on users of the tool (e.g. RCE via a crafted target response — unlikely but possible), email the maintainer privately before disclosing publicly.
- Authenticated scans (no session handling)
- Active exploitation — only proof-of-concept artifacts
- Crawling — scan the URLs you give it, nothing else
- Rate limit evasion or stealth — assume every probe is logged
If you need authenticated coverage, route pocforge through Burp (--burp) so your session cookies are added by the proxy.