nneonneo / eqgrp-free-file

Free sampling of files from the purported Equation Group hack.

Content of repository possibly breaks new github community guidelines #1

Open Dantali0n opened 7 years ago

Dantali0n commented 7 years ago

According to the new in-development GitHub community guidelines, links to active malware or exploits are not allowed. An exception is made for source code as it serves an educational value.

However, the files inside this repository are not source code and are direct malicious executables, hence they do not comply with GitHub's new rules (sadly).

Quote from guidelines: Active malware or exploits - Being part of a community includes not taking advantage of other members of the community. We do not allow anyone to use our platform for exploit delivery, such as hosting malicious executables, or as attack infrastructure, for example by organizing denial of service attacks or managing command and control servers. Note, however, that we do not prohibit the posting of source code which could be used to develop malware or exploits, as the publication and distribution of such source code has educational value and provides a net benefit to the security community.

The new community guidelines are, however, still up for debate, so I recommend raising our voice now while we still can. You can do so here: https://github.com/contact/community-guidelines

For a complete list of the new community guidelines see: https://help.github.com/articles/github-community-guidelines/#what-is-not-allowed

vanhauser-thc commented 7 years ago

The code here is not "active".

(Their definition being "exploit delivery, such as hosting malicious executables, or as attack infrastructure").

If this repository were not in accordance with the guideline, then Metasploit and others would not be either.

Rather it could be a copyright issue, as the code might be from the NSA. However as the NSA has not officially said this code is theirs, this is also not the case (for now).

Dantali0n commented 7 years ago

These guidelines are proposed and not in effect as of right now, thus what is currently allowed is relevant but could change in the near future. Quote:

GitHub's community guidelines are currently proposed. These guidelines are first and foremost community guidelines and we'd like your feedback on them before they're finalized. Please let us know your thoughts prior to November 20th, 2016.

They make very clear in the current guidelines that the only exception is source code with an educational value. The executables in, for example, this folder are native Windows executables, not source code.

The executables in this repository are very much active, as they can be downloaded with a simple link and directly executed. If you do not see that as 'active', then what is?

Metasploit, on the other hand, contains images, scripts and DLLs or other library files as payloads, and they could be in murky water as well. But at least their Windows exploits are inside a DLL instead of a directly executable file.