READ THIS DISCLAIMER CAREFULLY BEFORE USING ANY PENETRATION TESTING OR SECURITY ASSESSMENT FUNCTIONALITY IN THIS PROJECT.
This open-source project includes security testing and penetration testing tools designed solely for:
- Authorized security testing of systems you own or have explicit permission to test
- Educational purposes in controlled, isolated lab environments
- Security research in compliance with all applicable laws and regulations
- Professional security assessments with proper authorization and documentation
This project is NOT intended for:
- Unauthorized access to computer systems
- Malicious hacking or cyberattacks
- Any illegal activity whatsoever
- Testing systems without explicit, written authorization
✓ Scanning any network or system ✓ Testing any web application ✓ Attempting any exploit or attack technique ✓ Running any security assessment tool
- Written permission from the system owner
- Clearly defined scope (what systems, what techniques, what timeframe)
- Rules of engagement documented and agreed upon
- Legal compliance with all applicable laws in your jurisdiction
| Scenario | Authorization Required |
|---|---|
| Your own systems | Self-authorization (but document it) |
| Employer's systems | Written permission from IT/Security management |
| Client systems | Written contract with clearly defined scope |
| Bug bounty programs | Program rules serve as authorization |
| Educational labs | Institution authorization and isolated environment |
United States:
- Computer Fraud and Abuse Act (CFAA)
- Digital Millennium Copyright Act (DMCA)
- State computer crime laws
- Terms of service of tested systems
European Union:
- Convention on Cybercrime
- EU Cybersecurity Act
- National cybercrime laws of member states
- GDPR (when handling personal data)
Other Jurisdictions:
- Consult local laws regarding computer security testing
- Many countries have strict computer crime legislation
- Ignorance of the law is not a defense
- Criminal charges for unauthorized access
- Civil lawsuits for damages
- Employment termination
- Permanent criminal record
- Fines and imprisonment
- Revocation of professional certifications
- Respect Privacy: Do not access, copy, or distribute sensitive data without explicit authorization
- Minimize Damage: Use non-destructive testing methods whenever possible
- Report Responsibly: Follow responsible disclosure practices for any vulnerabilities found
- Maintain Integrity: Do not misuse access or privileges obtained during testing
- Document Everything: Keep thorough records of authorization, scope, and activities
❌ Testing systems without authorization ❌ Exceeding authorized scope ❌ Causing unnecessary disruption or damage ❌ Exploiting vulnerabilities for personal gain ❌ Sharing confidential information obtained during testing ❌ Using techniques for malicious purposes ❌ Testing critical infrastructure (hospitals, emergency services, etc.) without explicit authorization
- Stop testing that specific vulnerability once confirmed
- Document the finding with proof of concept (without causing damage)
- Report to the vendor/owner through responsible disclosure channels
- Allow reasonable time for remediation before public disclosure
- Follow industry standards (e.g., ISO 29147, FIRST)
- Never exploit a vulnerability for any purpose other than demonstrating it to the owner
- Publicly disclose vulnerabilities without allowing remediation time
- Sell vulnerabilities to third parties
- Exploit vulnerabilities for any purpose
- Share vulnerability details with unauthorized parties
- YOU are solely responsible for ensuring your use is legal and authorized
- YOU will obtain all necessary authorizations before testing
- YOU will comply with all applicable laws and regulations
- YOU will use the tools only for legitimate security purposes
- YOU understand the potential legal consequences of misuse
- YOU will not hold the project contributors liable for your actions
- ✓ Understanding and complying with all applicable laws
- ✓ Obtaining proper authorization before any testing
- ✓ Documenting authorization and scope
- ✓ Using tools only within authorized scope
- ✓ Protecting any sensitive data encountered during testing
- ✓ Reporting vulnerabilities responsibly
- ✓ Following ethical hacking practices
- Do not encourage illegal activity
- Do not authorize any specific use case
- Do not guarantee the tools are safe or legal for any purpose
- Do not accept liability for misuse of the tools
- Provide these tools "AS IS" without warranty of any kind
USE AT YOUR OWN RISK.
Please report to:
- Local law enforcement if illegal activity is occurring
- System administrators if unauthorized testing is detected
- Project maintainers through responsible disclosure channels
- Report misuse to appropriate authorities
- Educate others about legal and ethical use
- Support responsible security research
- Promote proper authorization and documentation
- CERT Ethical Hacking Guidelines: https://www.cert.org/european-hacker-report/
- OWASP Testing Guide: https://owasp.org/www-project-web-security-testing-guide/
- PTES (Penetration Testing Execution Standard): http://www.pentest-standard.org/
- OSSTMM (Open Source Security Testing Methodology Manual): https://www.isecom.org/research/osstmm.html
- NIST Guidelines: https://www.nist.gov/itl/applied-cybersecurity/national-vulnerability-database
-
Certifications that cover legal aspects:
- CEH (Certified Ethical Hacker)
- OSCP (Offensive Security Certified Professional)
- CISSP (Certified Information Systems Security Professional)
-
Legal consultation before conducting any testing
-
Written contracts with clearly defined scope
-
Professional liability insurance for security practitioners
- You have read and understood this disclaimer
- You understand the legal requirements for security testing
- You will obtain proper authorization before any testing
- You will use the tools only for legitimate, authorized purposes
- You accept full responsibility for your actions
- You understand the potential legal consequences of misuse
- Legal use of tools: Consult with legal counsel
- Proper authorization: Document procedures and seek approval from system owners
- Responsible disclosure: Follow industry standards and guidelines
- Educational use: Ensure isolated lab environments and institutional approval
| Country | Resource |
|---|---|
| USA | CFAA, State Laws |
| UK | Computer Misuse Act |
| EU | Convention on Cybercrime |
| Canada | Criminal Code (Section 342) |
| Australia | Cybercrime Act |
| Germany | Criminal Code (§202b) |
Disclaimer: This table is not exhaustive. Consult local laws.
"With great power comes great responsibility."
Security testing tools are powerful. Use them wisely, legally, and ethically.
BEFORE YOU TEST:
- ✓ Do I have written authorization?
- ✓ Is the scope clearly defined?
- ✓ Do I understand the legal implications?
- ✓ Am I prepared to report findings responsibly?
IF YOU ANSWERED "NO" TO ANY QUESTION: DO NOT PROCEED.
This disclaimer is effective as of the date below and may be updated. Last updated: January 2026
© 2026 Agent Platform Project. All rights reserved.
- Get written authorization before testing anything
- Stay within defined scope at all times
- Follow ethical guidelines and legal requirements
- Report findings responsibly through proper channels
- Accept full responsibility for your actions
- When in doubt, don't do it – seek legal guidance
✓ Authorized security professionals ✓ Students in supervised educational environments ✓ Researchers with proper approvals ✓ Bug bounty hunters following program rules ✓ System owners testing their own infrastructure
✗ Unauthorized testing ✗ Malicious activity ✗ Illegal hacking ✗ Causing damage or disruption ✗ Violating laws or regulations
BE ETHICAL. BE LEGAL. BE RESPONSIBLE.
- Written authorization obtained and documented
- Scope clearly defined (systems, techniques, duration)
- Legal requirements understood and complied with
- Rules of engagement documented
- Responsible disclosure plan in place
- Testing environment isolated from production systems
- Emergency contact information available
- Liability considerations addressed
- Stay within authorized scope
- Document all activities and findings
- Use non-destructive methods when possible
- Stop immediately if unexpected issues arise
- Protect any sensitive data encountered
- Provide detailed report to authorized parties
- Report vulnerabilities through responsible disclosure
- Destroy or secure any sensitive data obtained
- Document lessons learned
- Update authorization if additional testing needed
END OF DISCLAIMER
For questions about proper use, consult with legal counsel in your jurisdiction.