SYSTEM ONLINE

Acceptable Use Policy

Defines permitted and prohibited use of the Vulnera VAPT Security Scanner. This AUP supplements and forms part of the Terms of Service.

EFFECTIVE: March 5, 2026PLATFORM: VULNERA.ONLINE GOVERNING LAW: INDIA
✕ ZERO TOLERANCE
ZERO TOLERANCE: Violation of this policy may result in immediate suspension, permanent ban, preservation of evidence, and referral to law enforcement.
EFFECTIVE DATE
March 5, 2026
ENFORCEMENT
ZERO TOLERANCE
JURISDICTION
GLOBAL
01

The Golden Rule

⚠ IMPORTANT
Only scan systems you own or have received explicit, documented, written permission to scan. Every scan you initiate is your personal legal and ethical responsibility — not ours.
02

Permitted Activities

  • Scanning your own websites, APIs, and server infrastructure
  • Scanning client systems under a signed, written penetration testing agreement
  • Security research in your own isolated lab or test environment
  • Educational scanning of intentionally vulnerable platforms (HackTheBox, TryHackMe, DVWA, WebGoat, etc.) within those platforms' terms
  • Scanning targets in legitimate bug-bounty programmes strictly within their defined scope and rules of engagement
03

Prohibited Activities

CATEGORY A — UNAUTHORISED SCANNING (ZERO TOLERANCE)
  • Scanning any domain, IP, or system without prior explicit written consent from the legal owner
  • Scanning competitor websites for competitive intelligence
  • Scanning government, military, healthcare, financial, or critical national infrastructure
  • Automated mass-scanning of internet-facing systems
  • Scanning on behalf of others without verifying they own or have permission for the target
CATEGORY B — WEAPONISATION OF RESULTS
  • Using scan results to identify and exploit vulnerabilities in third-party systems
  • Sharing scan reports of third-party systems with parties who intend to exploit them
  • Incorporating results into offensive attack tooling or frameworks
  • Publishing or leaking scan results that reveal private system details of third parties
CATEGORY C — SERVICE ABUSE
  • Overloading or denial-of-service attacking our scanning infrastructure
  • Bypassing rate limits through automation, proxies, VPNs, or multiple accounts
  • Attempting to extract or reverse-engineer our scanning algorithms or vulnerability database
  • Submitting false authorisation claims or impersonating another organisation
04

User Responsibility Declaration

By using the Service, you declare and warrant that:

  • You are at least 18 years of age
  • You are legally authorised to scan every target you submit
  • You accept full personal legal and financial responsibility for harm resulting from your scans
  • You understand that unauthorised computer access is a criminal offence in most jurisdictions
  • You will immediately report to us any scan result suggesting a serious, unpatched vulnerability in a third-party system you did not intend to scan
05

Enforcement

Violations may result in, at our sole discretion:

  • Warning and temporary suspension
  • Permanent account and IP ban
  • Preservation of logs and evidence
  • Disclosure to law enforcement authorities
  • Civil litigation to recover damages
06

Reporting Abuse

If you observe misuse of the Service by another party, please report it immediately to $https://vulnera.online/contact. Include the target URL(s), timestamps, and any other relevant information.