▶ Legal

Terms of Use

Last updated: January 2025 · Effective immediately upon use of any HexScan tool.

By using HexScan tools you agree to these terms. The short version: use these tools only on systems you own or have explicit permission to test. Don't be malicious.

▶ 1. Acceptance of terms

By accessing or using any tool on HexScan (hexscan-tools.vercel.app), you agree to be bound by these Terms of Use. If you do not agree, do not use the service. These terms apply to all visitors, users, and anyone who accesses or uses HexScan tools.

▶ 2. Acceptable use — authorized testing only

HexScan tools are designed for legitimate security research, penetration testing, and educational purposes. You agree to use them only on systems, networks, and applications that you own or have received explicit written permission to test.

You must own the target system, or have written authorization from the owner before testing.
Tools like Subdomain Recon, Directory Exposure Checker, and HTTP Header Analyzer are passive/informational tools, but must still be used responsibly.
The Breach Checker queries public breach databases — it is not a hacking tool, but results must not be used to gain unauthorized access to accounts.
Unauthorized use of security tools against third-party systems is a criminal offense in most countries, including under the Computer Fraud and Abuse Act (USA), the Computer Misuse Act (UK), and equivalent legislation worldwide.

▶ 3. Prohibited conduct

You expressly agree NOT to use HexScan tools to:

Access, probe, or attack systems without authorization.
Collect personal data about individuals without their consent.
Engage in any activity that violates applicable local, national, or international laws.
Automate or script tool usage in a way that causes denial of service to HexScan or third-party APIs.
Circumvent, disable, or otherwise interfere with security features of any system.
Redistribute or resell HexScan tools or their output as your own commercial product without permission.

▶ 4. Disclaimer of warranties

HexScan tools are provided "as is" without warranty of any kind, express or implied. We do not warrant that:

The tools will be uninterrupted, error-free, or completely accurate.
Results from breach checkers, IP analyzers, or subdomain scanners are exhaustive or up-to-date.
The service will be available at any particular time.

Security tool results are informational only. Always verify findings manually before acting on them.

▶ 5. Limitation of liability

To the fullest extent permitted by law, HexScan and its developer shall not be liable for any direct, indirect, incidental, special, consequential, or punitive damages resulting from your use or inability to use the service, including but not limited to:

Damages resulting from unauthorized use of these tools against third-party systems.
Legal consequences arising from violation of these terms or applicable law.
Loss of data, profits, or goodwill arising from reliance on tool results.

▶ 6. Third-party services and APIs

Some HexScan tools use third-party APIs to deliver results. These include:

LeakCheck API — used by the Breach Checker. Subject to LeakCheck's own terms of service.
crt.sh / HackerTarget — used by Subdomain Recon for passive certificate transparency lookups.
ip-api.com — used by the IP Analyzer for geolocation data.

HexScan is not responsible for the accuracy, availability, or terms of these third-party services. Their use is subject to their respective terms.

▶ 7. Intellectual property

HexScan is open source and available on GitHub. You are free to fork, modify, and use the code under the terms of the project's open source license. Commercial redistribution of the service without modification is not permitted without written permission.

▶ 8. Privacy

Your use of HexScan is also governed by our Privacy Policy, which is incorporated into these Terms by reference. The short version: we don't store what you type into the tools. See the Privacy Policy for the full picture.

▶ 9. Changes to these terms

These terms may be updated at any time. Continued use of HexScan after changes constitutes acceptance of the updated terms. The "Last updated" date at the top of this page will reflect any changes.

▶ 10. Contact

Questions about these terms? Reach out via the Contact page or email draeneills@gmail.com.