1. Authorized Testing Only
You may only scan domains that you own or have explicit written authorization to test. Submitting domains you do not control is a violation of this policy and applicable law.
2. Prohibited Activities
- Scanning domains without authorization
- Attempting to bypass domain verification
- Using scan results to attack or exploit third-party systems
- Sharing scan results containing vulnerability details publicly without remediation
- Reselling or redistributing the service without permission
- Attempting to access other users' scan data
3. Our Safety Guardrails
Redsight follows strict safety protocols during testing:
- No data deletion, modification, or corruption
- No persistent access or backdoors
- No denial-of-service or resource exhaustion
- Rate-limited to 50 requests/second per host
- Safe proof-of-concept patterns only
4. Consequences
Violations may result in immediate account suspension, permanent ban, and reporting to appropriate authorities where applicable.