End User Agreement

Effective Date: 5-27-2026

Welcome to Exploit Strike (“Exploit Strike,” “we,” “our,” or “us”). By accessing or using our website, platform, dashboard, alerts, monitoring services, or related tools (collectively, the “Services”), you (“User,” “Customer,” or “Client”) agree to be bound by this End User Agreement (“Agreement”). If you do not agree to these terms, do not use the Services.

1. Services Overview

Exploit Strike provides cybersecurity monitoring, exposure detection, reporting, alerting, and related security services designed to identify publicly exposed sensitive information across developer platforms, repositories, and online sources.

Services may include, but are not limited to:

• Continuous monitoring of platforms such as GitHub, GitLab, Postman, Bitbucket, Pastebin, and similar services

• Detection of API keys, credentials, tokens, sensitive URLs, proprietary code, and exposed data

• Manual validation of automated findings

• Real-time alerts and dashboard reporting

• Historical exposure discovery

• Reporting integrations and technical support

The Services are intended solely for lawful business and security purposes.

2. Eligibility and Authorized Use

By using the Services, you represent and warrant that:

• You are authorized to act on behalf of your organization;

• Any domains, repositories, identifiers, or assets submitted for monitoring belong to you or you have authorization to monitor them;

• All materials provided for review are publicly accessible or legally authorized for analysis;

• You will use the Services in compliance with all applicable laws and regulations.

You may not use the Services to:

• Access unauthorized systems;

• Violate privacy, intellectual property, or cybersecurity laws;

• Reverse engineer, copy, or misuse the Services.

3. Beta Services

Certain features or functionality may be offered in beta form.

By using beta features, you acknowledge and agree that:

1. Functionality may change without prior notice;

2. Beta Services are provided “AS IS”;

3. Features may contain bugs, interruptions, or incomplete functionality;

4. Exploit Strike shall not be liable for interruptions, modifications, or errors associated with beta development activities.

4. Intellectual Property

All intellectual property, software, methodologies, templates, tools, monitoring logic, analytics systems, bots, dashboards, techniques, and related materials owned or developed by Exploit Strike prior to or independently of the Services (“Exploit Strike Background IP”) remain the exclusive property of Exploit Strike.

Your use of the Services does not transfer ownership of any Exploit Strike intellectual property.

Subject to this Agreement, Exploit Strike grants you a limited, non-exclusive, non-transferable license to access and use the Services for your internal business purposes only.

You may not:

• Reproduce or redistribute the Services;

• Modify or create derivative works;

• Resell or sublicense the platform;

• Remove proprietary notices;

• Use the Services to build a competing product.

Customer-specific reports and deliverables generated specifically for the Client, excluding Exploit Strike Background IP, remain the property of the Client.

5. Confidentiality

Exploit Strike will use commercially reasonable efforts to protect confidential information submitted through the Services.

Each party agrees:

• To use confidential information solely for purposes of providing or using the Services;

• Not to disclose confidential information to unauthorized third parties;

• To implement reasonable safeguards to protect confidential information.

This obligation does not apply to information that:

• Is publicly available, though anonymity will be provided;

• Was lawfully obtained from another source;

• Is independently developed;

• Must be disclosed by law or court order.

6. Monitoring and Findings

Exploit Strike utilizes automated systems, including bots and scanning technologies, to monitor publicly available platforms and content for indicators associated with Customer environments.

Automated findings are subject to manual validation before reporting whenever reasonably possible.

The Services may identify:

• Publicly exposed credentials;

• API keys and tokens;

• Internal URLs or hostnames;

• Source code exposures;

• Historical data leaks;

• Other publicly accessible sensitive information.

Exploit Strike may cross-reference findings with customer-provided identifiers to improve attribution accuracy.

7. Client Responsibilities

You are responsible for:

• Maintaining accurate monitoring scope information;

• Reviewing alerts and notifications promptly;

• Managing remediation activities;

• Maintaining appropriate incident response procedures;

• Ensuring your use of the Services complies with third-party platform terms;

• Maintaining any cybersecurity insurance you deem appropriate.

You acknowledge that monitoring may surface publicly available information originating from prior exposures or third-party publications.

8. Technical Support

Technical support is available during normal business hours:

• Monday–Friday

• 9:00 AM – 5:00 PM Eastern Time

• Excluding U.S. Federal Holidays

Support requests may be submitted via:

• Email: security@exploitstrike.com

• Phone: 443-553-3009

Exploit Strike will use commercially reasonable efforts to respond within one (1) business day.

9. Fees and Subscription Terms

Unless otherwise agreed in writing:

• Services are provided on a month-to-month or annual basis;

• Customer remains responsible for all fees incurred through the effective termination date.

Certain integrations or advanced reporting capabilities may require minimum service commitments.

10. No Warranty

THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE.”

TO THE MAXIMUM EXTENT PERMITTED BY LAW, EXPLOIT STRIKE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING:

• MERCHANTABILITY,

• FITNESS FOR A PARTICULAR PURPOSE,

• NON-INFRINGEMENT,

• ACCURACY OR COMPLETENESS OF RESULTS.

Exploit Strike does not guarantee:

• Complete vulnerability detection;

• Elimination of all cybersecurity risks;

• Continuous or uninterrupted service availability;

• Prevention of all breaches or exposures.

Failure to identify a vulnerability or exposure does not constitute a breach of this Agreement.

You agree not to represent to any third party that Exploit Strike guarantees complete security.

11. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR:

• INDIRECT,

• INCIDENTAL,

• SPECIAL,

• CONSEQUENTIAL,

• PUNITIVE,

• EXEMPLARY DAMAGES,

• LOSS OF PROFITS,

• LOSS OF REVENUE,

• LOSS OF DATA,

• LOSS OF CUSTOMERS,

• REPUTATIONAL HARM,

• BUSINESS INTERRUPTION,

ARISING OUT OF OR RELATED TO THE SERVICES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Exploit Strike’s total aggregate liability under this Agreement shall not exceed the total fees paid by Customer to Exploit Strike during the twelve (12) months preceding the event giving rise to the claim.

These limitations shall not apply to:

• Gross negligence,

• Willful misconduct,

• Breach of confidentiality obligations.

12. Indemnification

Each party agrees to indemnify and hold harmless the other party from third-party claims, damages, liabilities, and expenses arising from:

• Gross negligence,

• Willful misconduct,

• Breach of confidentiality obligations.

The indemnifying party shall control the defense of any claim, and the indemnified party shall reasonably cooperate at the indemnifying party’s expense.

13. Service Availability and Changes

Exploit Strike may:

• Modify features or functionality;

• Perform maintenance;

• Update monitoring methods;

• Add or remove integrations;

• Improve detection capabilities.

We will use reasonable efforts to provide notice of planned downtime when practical.

14. Termination

We may suspend or terminate access to the Services if:

• You violate this Agreement;

• Your use creates security or legal risk;

• Required fees remain unpaid;

• Continued service becomes commercially impractical.

Upon termination:

• Your right to access the Services ends immediately;

• Certain provisions, including confidentiality, intellectual property, disclaimers, and limitation of liability, survive termination.

15. Governing Law

This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, without regard to conflict of law principles.

16. Changes to This Agreement

Exploit Strike may update this Agreement from time to time. Continued use of the Services after updates become effective constitutes acceptance of the revised terms.