LEGAL
Acceptable Use Policy
Rules for responsible use of Nandix scanning tools.
Last updated: June 2026
1. Authorized Targets Only
You may only scan systems that you own or that you have explicit written authorization to test. Scanning any system without permission is prohibited and may be unlawful. You affirm this authorization before every scan, and you are solely responsible for the targets you submit.
2. No Exploitation
Nandix is a non-destructive scanner: it sends HTTP and TLS requests and analyzes responses. You may not use Nandix, or any information it produces, to exploit a vulnerability, exfiltrate data, gain unauthorized access, or otherwise cause harm to any system.
3. Prohibited Activities
- Unauthorized scanning of systems you do not own or have permission to test.
- Denial-of-service, flooding, or any attempt to degrade a target’s availability.
- Data exfiltration, credential theft, or exploitation of any finding.
- Bulk or automated abuse intended to circumvent rate limits or fair-use controls.
- Scanning government, military, or critical-infrastructure targets without explicit, documented authorization from the system owner.
- Any use that violates applicable Indian or international law.
4. Rate Limits & Fair Use
Nandix applies per-user and per-IP rate limits to keep the service available for everyone. You may not attempt to bypass, evade, or overwhelm these controls. Excessive or automated use beyond reasonable limits may be throttled or blocked.
5. Reporting Abuse
If you become aware of misuse of Nandix, or believe a target has been scanned without authorization, report it to nandix@shunyax.com.
6. Enforcement
Violations of this policy may result in suspension or termination of access, removal of scan data, and referral to the appropriate authorities where unlawful activity is suspected. We may take any action we deem necessary to protect the service and its users.
This policy is provided for transparency. Consult legal counsel for binding interpretation.