Last updated: 2026-05-13
These terms govern your use of ASMHunter. By creating an account or running a scan, you agree to them. If you do not agree, do not use the service. Plain language, no theatrics.
ASMHunter (asmhunter.app) is a continuous attack surface monitoring platform for bug bounty hunters and security teams. We periodically run discovery and detection tooling — subdomain enumeration, port coverage, HTTP probing, web crawling, and vulnerability templates — against domains you configure. Findings are stored in your dashboard and pushed to you via Telegram and email.
This is the single most important section. You may only configure scan targets that you own, that you are explicitly authorized to test, or that are listed in a public bug bounty program with in-scope assets that match.
By submitting a target you warrant and represent that you have legal authority to perform automated security testing against it. This includes verifying that:
ASMHunter is a tool, not a license. Unauthorized scanning may violate computer-misuse law in your jurisdiction (CFAA in the US, the Computer Misuse Act in the UK, TCK 243 in Turkey, equivalents elsewhere). If you point this tool at something you are not allowed to test, that is on you, not us. We will cooperate with valid legal requests from asset owners and law enforcement.
You may not, and may not attempt to:
We may suspend or terminate accounts that violate these rules, without refund, and report serious abuse to the relevant parties.
ASMHunter is sold in tiers:
Payments are processed by LemonSqueezy, the merchant of record. Subscriptions auto-renew monthly or yearly at the cycle you select until you cancel. Pricing may change with at least 30 days notice; existing subscribers keep their current price for at least one renewal cycle after a change.
If you are not satisfied within 7 days of your first paid charge on a given subscription, email ops@asmhunter.app and we will refund it. No interrogation, no forms. After the 7-day window we do not issue prorated refunds for mid-cycle cancellations — your subscription remains active until the end of the paid period, then stops billing.
We aim for high availability but do not promise uptime SLAs at this stage. The service is offered AS IS and AS AVAILABLE. Sweep schedules are best-effort; an "hourly" sweep means "approximately hourly under normal load." Maintenance windows, upstream tool failures, or worker fleet incidents may delay sweeps.
To the maximum extent permitted by law, ASMHunter is provided without warranties of any kind, express or implied, including merchantability, fitness for a particular purpose, accuracy, and non-infringement. Scan findings may include false positives, false negatives, or missing assets. Do not rely on ASMHunter as your sole source of security assurance. Always validate findings before reporting them, and never assume the absence of a finding means the absence of a vulnerability.
To the maximum extent permitted by law, our total aggregate liability to you for any claim arising out of or related to the service — whether in contract, tort, or otherwise — is capped at the total fees you paid us in the twelve (12) months preceding the claim. If you are on the Free tier, that cap is zero.
We are not liable for indirect, incidental, consequential, special, or punitive damages, including lost profits, lost bounties, lost data, or reputational harm, even if advised of the possibility.
You agree to defend and hold ASMHunter (and its operator) harmless against any claim, loss, or expense arising from your use of the service, including: scanning unauthorized targets, violating bug bounty program rules, mishandling PII discovered during scanning, or breaching these terms.
You can terminate at any time by cancelling your subscription and deleting your account from settings. We can terminate or suspend your account at any time for material breach of these terms (especially Sections 3 and 4), unpaid invoices, or fraudulent payment activity. Termination outside the 7-day refund window does not trigger a prorated refund. Section 7 of the Privacy Policy describes what happens to your data after termination.
We may update these terms. Material changes will be announced by email to active account holders at least 14 days before they take effect, and the "Last updated" date at the top of this page will change. Continuing to use the service after a change means you accept the new terms; if you do not accept them, cancel before they take effect.
These terms are governed by the laws of the Republic of Turkey, without regard to conflict-of-law principles. Disputes that cannot be resolved by email will be brought before the competent courts of Istanbul, Turkey. This does not affect any mandatory consumer-protection rights you have under the law of your country of residence.
For anything in these terms — questions, disputes, complaints, abuse reports: ops@asmhunter.app.