Bugnexa
LoginGet Started

Terms and Conditions

Last updated: May 5, 2026

Welcome to BugNexa. BugNexa is a product of SysINet Infosolutions LLP. These Terms and Conditions govern your access to and use of bugnexa.com, including our website security scanner, vulnerability reporting platform, forum, researcher tools, website owner tools, reports, forms, pages, content, and related services. By accessing or using BugNexa, you agree to these Terms and Conditions. If you do not agree, you must not use BugNexa.

1. Company Information

BugNexa is owned and operated by:

SysINet Infosolutions LLP
Thane, Maharashtra, 401107
India

Privacy: privacy@bugnexa.com

Security: security@bugnexa.com

2. About BugNexa

BugNexa is a responsible web security platform that helps website owners and ethical security researchers identify and report potential web security misconfigurations and vulnerabilities.

BugNexa currently focuses on clickjacking testing and reporting. In the future, BugNexa may support additional non-destructive website security checks, including but not limited to missing HTTP security headers, SPF/DNS-related checks, information disclosure checks, and other website security misconfiguration checks.

BugNexa may allow users to test publicly accessible websites for supported security checks and may allow ethical security researchers to submit potential vulnerability reports to website owners through our platform.

BugNexa does not exploit vulnerabilities, bypass authentication, steal data, damage websites, disrupt services, install malware, conduct phishing, access private systems, or perform unauthorized attacks. BugNexa acts only as a platform for testing, reporting, communication, and responsible disclosure.

3. Eligibility

You may use BugNexa only if you are legally able to enter into these Terms and comply with applicable laws. By using BugNexa, you confirm that:

  • You are at least 18 years old, or you are using the platform with appropriate legal consent and supervision.
  • You will use BugNexa only for lawful, ethical, and responsible purposes.
  • You will not use BugNexa for unauthorized, harmful, abusive, or illegal activity.

4. Platform Role

BugNexa is a technology platform. We provide tools that may help identify and report potential security misconfigurations and vulnerabilities.

We do not guarantee that:

  • A scan result is complete, accurate, or current.
  • A website is vulnerable, safe, secure, or compliant.
  • A reported issue is valid, accepted, or exploitable.
  • A website owner will respond to a report.
  • A report will qualify for reward, bounty, certificate, credit, or recognition.
  • Any vulnerability or misconfiguration will be fixed.

Website owners are responsible for reviewing, validating, accepting, rejecting, prioritizing, and fixing reports. Security researchers are responsible for ensuring that their testing and reporting activities are lawful, ethical, non-destructive, and authorized where required.

5. Authorized and Ethical Use Only

You agree to use BugNexa only for lawful, ethical, and responsible security testing.

You must not use BugNexa to:

  • Access any system, account, server, database, or network without authorization.
  • Exploit, weaponize, or abuse any vulnerability.
  • Steal, collect, expose, sell, or misuse data.
  • Bypass login, authentication, payment, rate limits, or access controls.
  • Damage, disrupt, overload, or interfere with any website, service, or network.
  • Conduct phishing, malware distribution, spam, credential harvesting, or social engineering.
  • Threaten, blackmail, extort, harass, shame, or pressure website owners.
  • Submit fake, misleading, abusive, defamatory, irrelevant, or malicious reports.
  • Upload malware, exploit payloads, stolen data, or illegal content.
  • Use automated abuse, scraping, bots, or excessive scanning.
  • Misrepresent your identity, authority, authorization, or relationship with a website owner.
  • Violate any applicable law, regulation, policy, contract, or third-party right.

Where authorization is legally, contractually, or programmatically required, you are responsible for obtaining it before testing or reporting.

6. Website Security Scanner

BugNexa's scanner is intended to perform non-destructive checks related to supported website security issues.

The scanner may analyze publicly accessible website information such as:

  • URLs or domains submitted by users
  • HTTP response headers
  • Frame protection settings
  • Content Security Policy behavior
  • Redirect behavior
  • Status codes
  • Browser-visible configuration signals
  • Missing HTTP security headers
  • SPF/DNS-related information, where supported
  • Information disclosure indicators, where supported
  • Other non-destructive website security signals

The scanner is not intended to perform exploitation, intrusive testing, credential attacks, denial-of-service activity, data extraction, malware activity, or unauthorized access.

7. Security Researcher Reports

Security researchers may use BugNexa to submit potential vulnerability or misconfiguration reports to website owners. By submitting a report, you confirm that:

  • The report is submitted in good faith.
  • The report is based on lawful, ethical, and non-destructive testing.
  • You have not accessed, copied, modified, deleted, leaked, or exposed private data.
  • You have not disrupted the website or service.
  • The information you provide is accurate to the best of your knowledge.
  • You are not using the report to harass, threaten, extort, blackmail, or pressure the website owner.
  • You have the right to submit the information included in the report.
  • Your report does not include malware, harmful code, stolen data, credentials, private keys, or unauthorized personal data.

BugNexa may review, reject, remove, limit, or moderate reports that appear abusive, false, unlawful, irrelevant, spammy, harmful, defamatory, threatening, exploitative, or inconsistent with responsible disclosure.

8. Website Owner Reports

If you are a website owner or authorized representative, BugNexa may allow you to receive, review, manage, or respond to reports submitted through the platform.

You are responsible for:

  • Verifying your authority over the website or domain.
  • Reviewing reports carefully.
  • Validating whether a reported issue is real.
  • Communicating professionally with researchers.
  • Fixing accepted vulnerabilities or misconfigurations.
  • Complying with your own legal, security, privacy, and disclosure obligations.

BugNexa does not guarantee that every report is accurate, valid, complete, relevant, or submitted by an authorized researcher.

9. Responsible Disclosure

Users must follow responsible disclosure principles.

Researchers should:

  • Report issues privately through proper channels.
  • Give website owners a reasonable opportunity to review and fix issues.
  • Avoid public disclosure before the website owner has had reasonable time to respond.
  • Avoid publishing sensitive details, exploit steps, private data, or harmful proof-of-concept material.
  • Avoid demanding payment, reward, employment, or any benefit in exchange for silence.

BugNexa may restrict or remove users who misuse the platform for threats, pressure, extortion, blackmail, harassment, or public shaming.

10. No Bug Bounty Guarantee

BugNexa is not a bug bounty program unless clearly stated otherwise. Submitting a report through BugNexa does not guarantee:

  • Payment
  • Reward
  • Certificate
  • Recognition
  • Hall of Fame listing
  • Employment opportunity
  • Acceptance by the website owner
  • Any response from the website owner

Any reward, credit, or recognition is entirely subject to the relevant website owner's decision or the specific program rules, if any.

11. User Accounts

Some features of BugNexa may require an account. You are responsible for:

  • Providing accurate account information.
  • Keeping your login credentials secure.
  • All activity under your account.
  • Not sharing, selling, or transferring your account without permission.
  • Immediately notifying us of unauthorized account access.

We may suspend, restrict, or terminate accounts that violate these Terms or create risk for BugNexa, SysINet Infosolutions LLP, users, website owners, or third parties.

12. OTP and Password Authentication

BugNexa may use OTP and password-based authentication to verify users and protect accounts. You agree not to:

  • Share OTPs or passwords with others.
  • Attempt to access another user's account.
  • Bypass authentication controls.
  • Use fake, disposable, unauthorized, or misleading account information.
  • Interfere with authentication, verification, or security systems.

13. User Content

You may submit URLs, reports, messages, notes, screenshots, evidence, profile details, comments, or other content through BugNexa. You retain ownership of your content, but you grant SysINet Infosolutions LLP a limited, worldwide, non-exclusive, royalty-free license to use, host, store, copy, process, display, transmit, and share your content as necessary to operate, secure, improve, and provide BugNexa.

You must not submit content that:

  • You do not have the right to share.
  • Contains confidential, private, or personal data you are not authorized to disclose.
  • Contains passwords, OTPs, tokens, API keys, private keys, or credentials.
  • Contains malware, exploit code, payloads, or harmful scripts.
  • Is defamatory, abusive, illegal, misleading, threatening, or harassing.
  • Violates intellectual property, privacy, confidentiality, or other third-party rights.

14. Privacy and Data

Your use of BugNexa is also governed by our Privacy Policy. BugNexa is designed to minimize collection of user-related data. We do not sell personal information and do not use vulnerability reports, scan data, or researcher activity for advertising purposes.

When you use BugNexa, we may process limited information such as account details, authentication data, submitted URLs, scan results, vulnerability reports, technical metadata, contact details, communication records, IP addresses, browser information, and security logs.

You should not submit sensitive, confidential, personal, regulated, or proprietary information unless you are authorized to do so and it is necessary for responsible disclosure.

15. Abuse Prevention and Monitoring

To protect BugNexa and others, we may monitor platform activity for abuse, fraud, spam, unauthorized testing, excessive scanning, fake reports, extortion, harassment, malware submission, or platform misuse.

We may take actions including:

  • Rate limiting
  • Blocking scans
  • Removing reports
  • Suspending accounts
  • Restricting access
  • Contacting affected parties
  • Preserving evidence
  • Reporting unlawful activity to appropriate authorities where necessary

16. Intellectual Property

BugNexa, including its name, logo, design, website, software, scanner logic, reports, text, graphics, workflows, databases, and platform features, is owned by SysINet Infosolutions LLP or its licensors.

You may not copy, modify, sell, license, distribute, reverse engineer, scrape, mirror, or create derivative works from BugNexa unless permitted by law or with our written permission. You may use BugNexa only as intended through the normal platform interface.

17. Third-Party Websites

BugNexa may scan, reference, link to, or facilitate reports about third-party websites. We do not control third-party websites and are not responsible for their content, security, availability, policies, actions, responses, vulnerability handling, or privacy practices. Your interaction with third-party websites is at your own risk and subject to their own terms and policies.

18. Forum and Community Features

BugNexa may provide forum, community, or communication features. You agree not to post or share:

  • Illegal, abusive, hateful, defamatory, or threatening content.
  • Spam, scams, advertisements, or misleading content.
  • Malware, exploit payloads, stolen data, or credentials.
  • Private information of others without authorization.
  • Content that encourages unauthorized hacking, exploitation, or abuse.

We may moderate, edit, remove, restrict, or delete forum content that violates these Terms or creates risk for BugNexa or others.

19. Service Availability

BugNexa may be modified, updated, suspended, limited, or discontinued at any time. We do not guarantee that BugNexa will be:

  • Always available
  • Error-free
  • Uninterrupted
  • Fully secure
  • Compatible with every website
  • Free from false positives or false negatives
  • Available without limits or delays

20. Disclaimers

BugNexa is provided on an "as is" and "as available" basis. To the fullest extent permitted by law, SysINet Infosolutions LLP disclaims all warranties, express or implied, including warranties of accuracy, completeness, reliability, security, availability, fitness for a particular purpose, merchantability, non-infringement, and error-free operation.

BugNexa does not guarantee that it will detect every vulnerability, prevent attacks, confirm exploitability, satisfy compliance requirements, or replace professional security testing.

21. Limitation of Liability

To the fullest extent permitted by law, SysINet Infosolutions LLP, its partners, employees, contractors, affiliates, licensors, and service providers will not be liable for any indirect, incidental, special, consequential, punitive, or exemplary damages. This includes damages for:

  • Loss of profits
  • Loss of revenue
  • Loss of data
  • Loss of business
  • Loss of goodwill
  • Loss of reputation
  • Security incidents
  • Website downtime
  • Incorrect scan results
  • Missed vulnerabilities
  • User misuse
  • Third-party claims
  • Unauthorized testing by users

Our total liability for any claim related to BugNexa will not exceed the greater of:

  • The amount you paid to BugNexa in the previous three months; or
  • INR 10,000.

Some jurisdictions do not allow certain limitations of liability, so some limitations may not apply to you.

22. Indemnification

You agree to defend, indemnify, and hold harmless SysINet Infosolutions LLP, its partners, employees, contractors, affiliates, licensors, and service providers from claims, damages, losses, liabilities, costs, and expenses arising from:

  • Your use or misuse of BugNexa.
  • Your violation of these Terms.
  • Your violation of law.
  • Your violation of third-party rights.
  • Your unauthorized testing or scanning.
  • Your vulnerability reports.
  • Your submitted content.
  • Your interaction with website owners or researchers.
  • Any harm caused by your actions through or related to BugNexa.

23. Suspension and Termination

We may suspend, restrict, or terminate your access to BugNexa at any time if we believe that:

  • You violated these Terms.
  • You misused the platform.
  • You submitted abusive or false reports.
  • You attempted unauthorized access.
  • You created legal, security, operational, or reputational risk.
  • Your activity may harm BugNexa, SysINet Infosolutions LLP, users, website owners, or third parties.

You may stop using BugNexa at any time. Sections that by nature should survive termination will continue to apply, including intellectual property, privacy, disclaimers, limitation of liability, indemnification, governing law, and dispute provisions.

24. Changes to These Terms

We may update these Terms from time to time. When we update the Terms, we will change the "Last updated" date above. Your continued use of BugNexa after changes become effective means you accept the updated Terms. If you do not agree with the updated Terms, you must stop using BugNexa.

25. Governing Law and Jurisdiction

These Terms are governed by the laws of India. Subject to applicable law, the courts located in Thane, Maharashtra, India shall have exclusive jurisdiction over disputes arising from or relating to these Terms, BugNexa, or your use of the platform.

26. Contact Us

For questions about these Terms, contact:

SysINet Infosolutions LLP
Thane, Maharashtra, 401107
India

Privacy: privacy@bugnexa.com

Security: security@bugnexa.com