LEGAL & ETHICS
This tool is for authorised security testing only.
Unauthorised scanning of systems you do not own or have explicit permission to test is illegal and may result in criminal prosecution.
Scanning websites and web applications you own outright
Testing systems where you have explicit written permission from the owner
Authorised penetration testing engagements with a signed statement of work
Internal security assessments of your organisation's own infrastructure
Educational and research use in isolated lab environments
Scanning any website or system without prior written authorisation
Targeting production systems of third parties without a signed penetration testing agreement
Using scan results to exploit, extort, or harm any organisation or individual
Distributing or selling reports generated from unauthorised scans
Circumventing authentication or access controls beyond the agreed scope
Automated scanning of third-party sites without permission may violate computer fraud laws including the CFAA (US), Computer Misuse Act (UK), and equivalent legislation in your jurisdiction
Never use this tool against production systems without a signed penetration testing agreement in place
Results are indicative, not exhaustive - always follow up with manual testing and professional review
The AI breach narrative is generated for reporting purposes only and does not constitute legal advice
ScanexAI accepts no liability for misuse of this platform
If you discover a vulnerability using this tool, notify the affected organisation responsibly
Allow a reasonable remediation window (typically 90 days) before public disclosure
Follow coordinated vulnerability disclosure (CVD) guidelines from CERT or your national CSIRT
Do not exploit discovered vulnerabilities beyond what is necessary to confirm their existence