Legal
Acceptable Use Policy
Last updated · 11 June 2026
Not legal advice. This document is provided for transparency and should be reviewed by qualified legal counsel for your specific circumstances.
Thiron is a defensive security tool. This policy keeps it that way. By using Thiron you agree to these rules.
Only scan what you own or may test
You must have ownership of, or explicit written authorisation to test, every domain and asset you submit. Using Thiron to scan or probe systems you do not control is strictly prohibited and may be illegal.
Do not
- Use Thiron to attack, exploit, or gain unauthorised access to any system.
- Attempt to bypass or disable the scanner's safety controls (including the SSRF guard or rate limits).
- Use the service to harvest data about third parties, or to facilitate harassment, fraud, or malware.
- Overload, disrupt, or denial-of-service the Thiron platform or any target.
- Resell or white-label the service without a written agreement.
- Reverse engineer the service except to the extent permitted by law.
Enforcement
We may rate-limit, suspend, or terminate accounts that violate this policy, and may report unlawful activity to the relevant authorities. Questions: abuse@thiron.org.