ASMHunter
Features Pricing Get Started
Legal

Terms of Service

Last updated: 2026-05-13

These terms govern your use of ASMHunter. By creating an account or running a scan, you agree to them. If you do not agree, do not use the service. Plain language, no theatrics.

1. The service

ASMHunter (asmhunter.app) is a continuous attack surface monitoring platform for bug bounty hunters and security teams. We periodically run discovery and detection tooling — subdomain enumeration, port coverage, HTTP probing, web crawling, and vulnerability templates — against domains you configure. Findings are stored in your dashboard and pushed to you via Telegram and email.

2. Your account

  • You must be at least 18 years old to use ASMHunter.
  • You are responsible for keeping your credentials secret. If your account is compromised, email ops@asmhunter.app immediately.
  • You are responsible for everything that happens under your account, including scans triggered by your API tokens.
  • One human per account. Sharing credentials between people is not allowed on individual plans.

3. Authorized targets only

This is the single most important section. You may only configure scan targets that you own, that you are explicitly authorized to test, or that are listed in a public bug bounty program with in-scope assets that match.

By submitting a target you warrant and represent that you have legal authority to perform automated security testing against it. This includes verifying that:

  • The domain is yours, or you have written permission from the owner, or it is explicitly in-scope on a published bug bounty / VDP program.
  • Your testing complies with the rules of engagement of that program (rate limits, excluded paths, banned techniques).
  • You have not been told by the asset owner to stop.

ASMHunter is a tool, not a license. Unauthorized scanning may violate computer-misuse law in your jurisdiction (CFAA in the US, the Computer Misuse Act in the UK, TCK 243 in Turkey, equivalents elsewhere). If you point this tool at something you are not allowed to test, that is on you, not us. We will cooperate with valid legal requests from asset owners and law enforcement.

4. Prohibited use

You may not, and may not attempt to:

  • Scan domains, IPs, or assets you are not authorized to test.
  • Use ASMHunter to perform denial-of-service, traffic flooding, brute force credential stuffing, or any test designed to degrade availability.
  • Exfiltrate, store, or share personal data (PII), payment data, or credentials discovered through scanning beyond what is necessary to file a bug report with the asset owner.
  • Resell ASMHunter, white-label it, or use it to provide scanning-as-a-service to your own customers without a written agreement with us.
  • Reverse engineer, scrape, or attempt to extract source code or scan templates from the platform.
  • Use the platform to violate any applicable law or third-party right.

We may suspend or terminate accounts that violate these rules, without refund, and report serious abuse to the relevant parties.

5. Plans and payment

ASMHunter is sold in tiers:

  • Free — weekly sweeps, 3 assets, no payment required.
  • Hunter / Pro / Elite / Legend — paid tiers with progressively higher sweep frequency, asset count, and scan depth. Current pricing is shown on the pricing page.

Payments are processed by LemonSqueezy, the merchant of record. Subscriptions auto-renew monthly or yearly at the cycle you select until you cancel. Pricing may change with at least 30 days notice; existing subscribers keep their current price for at least one renewal cycle after a change.

6. Refunds

If you are not satisfied within 7 days of your first paid charge on a given subscription, email ops@asmhunter.app and we will refund it. No interrogation, no forms. After the 7-day window we do not issue prorated refunds for mid-cycle cancellations — your subscription remains active until the end of the paid period, then stops billing.

7. Service availability

We aim for high availability but do not promise uptime SLAs at this stage. The service is offered AS IS and AS AVAILABLE. Sweep schedules are best-effort; an "hourly" sweep means "approximately hourly under normal load." Maintenance windows, upstream tool failures, or worker fleet incidents may delay sweeps.

8. No warranty

To the maximum extent permitted by law, ASMHunter is provided without warranties of any kind, express or implied, including merchantability, fitness for a particular purpose, accuracy, and non-infringement. Scan findings may include false positives, false negatives, or missing assets. Do not rely on ASMHunter as your sole source of security assurance. Always validate findings before reporting them, and never assume the absence of a finding means the absence of a vulnerability.

9. Limitation of liability

To the maximum extent permitted by law, our total aggregate liability to you for any claim arising out of or related to the service — whether in contract, tort, or otherwise — is capped at the total fees you paid us in the twelve (12) months preceding the claim. If you are on the Free tier, that cap is zero.

We are not liable for indirect, incidental, consequential, special, or punitive damages, including lost profits, lost bounties, lost data, or reputational harm, even if advised of the possibility.

10. Indemnity

You agree to defend and hold ASMHunter (and its operator) harmless against any claim, loss, or expense arising from your use of the service, including: scanning unauthorized targets, violating bug bounty program rules, mishandling PII discovered during scanning, or breaching these terms.

11. Termination

You can terminate at any time by cancelling your subscription and deleting your account from settings. We can terminate or suspend your account at any time for material breach of these terms (especially Sections 3 and 4), unpaid invoices, or fraudulent payment activity. Termination outside the 7-day refund window does not trigger a prorated refund. Section 7 of the Privacy Policy describes what happens to your data after termination.

12. Changes to these terms

We may update these terms. Material changes will be announced by email to active account holders at least 14 days before they take effect, and the "Last updated" date at the top of this page will change. Continuing to use the service after a change means you accept the new terms; if you do not accept them, cancel before they take effect.

13. Governing law

These terms are governed by the laws of the Republic of Turkey, without regard to conflict-of-law principles. Disputes that cannot be resolved by email will be brought before the competent courts of Istanbul, Turkey. This does not affect any mandatory consumer-protection rights you have under the law of your country of residence.

14. Contact

For anything in these terms — questions, disputes, complaints, abuse reports: ops@asmhunter.app.

ASMHunter
Privacy Terms Contact