Recently a foreign company RecordedFuture made an analysis of Cknife in their blogs[1]. But it is full of errors, misunderstandings and even slanders just because we are Chinese and made Cknife open source. Here we publish a disclaimer and clarify the motives of open sourcing Cknife.

Cknife is only limited to security research and education. Cknife’s users should **be responsible for any result lead by incorrect uses. We shall not be responsible **or liable for any result, risk and law violation arising therefrom.

Why we developed Cknife:
1. Helpful for security testers in authorized penetration testings.
2. Helpful for WAF companies make their WAF stronger in attack-defense
interaction.
3. Helpful for network administrators manage their web sites.

Why we made Cknife open source:
1. Upgrade Cknife continuously by crowd-sourcing of github.
2. Under audit and supervision because back doors are usually embedded in web shell management tools.

We believe only through attack-defense interaction can security researchers and WAFs make progresses to give users a more secure Internet.

[1] https://www.recordedfuture.com/web-shell-analysis-part-2/