
Scope & Rules of Engagement

Setting scope in Legion

When you create a task, the wizard asks for a target scope: the IP address, IP range, or domain you are authorized to test. The scope is printed on the report cover, and the AI Operator uses it to stay inside the agreed target. It does not prevent you from running tools manually against other targets, so staying within bounds remains your responsibility.

Be as specific as your authorization allows. If you are authorized to test a single host, scope to that host; if you are authorized for a subnet, use that subnet. Never widen the scope to cover targets that were not explicitly authorized.
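Because the scope setting does not stop manual tool runs, it helps to keep a small gate in front of any target list you feed to a tool by hand. The following is an added example and is not part of the Legion documentation or code base. It assumes scope entries written as a single IP, a CIDR range, an exact hostname, or a wildcard of the form *.example.com; the scope and target lists in it are constructed for illustration.

```python
"""Scope gate: refuse any target that no scope entry positively covers.

Added example, not Legion's own code. Assumes scope entries are one of:
a single IP, a CIDR range, an exact hostname, or a *.domain wildcard.
"""
import ipaddress


def parse_scope(entries):
    """Split scope entries into IP networks, exact hosts and wildcard suffixes."""
    networks, hosts, suffixes = [], set(), set()
    for raw in entries:
        entry = raw.strip().lower()
        if not entry:
            continue
        try:
            # A bare IP parses as a /32 (or /128); strict=False also accepts
            # entries such as 10.0.0.5/24 with host bits set.
            networks.append(ipaddress.ip_network(entry, strict=False))
            continue
        except ValueError:
            pass  # not an IP or CIDR, treat as a hostname rule
        if entry.startswith("*."):
            suffixes.add(entry[2:])  # *.dev.example.com -> dev.example.com
        else:
            hosts.add(entry.rstrip("."))
    return networks, hosts, suffixes


def in_scope(target, scope):
    """Return True only if an explicit scope entry covers the target.

    The check never widens the scope: a plain hostname entry covers that
    host only, and a wildcard covers subdomains but not the apex itself.
    Hostnames are not resolved, so a host in scope does not authorize its
    IP addresses unless those are also listed.
    """
    networks, hosts, suffixes = scope
    name = target.strip().lower().rstrip(".")
    try:
        addr = ipaddress.ip_address(name)
    except ValueError:
        addr = None
    if addr is not None:
        # Address-family mismatch (v4 address vs v6 network) is simply False.
        return any(addr in net for net in networks)
    if name in hosts:
        return True
    return any(name.endswith("." + suffix) for suffix in suffixes)


def filter_targets(targets, entries):
    """Partition a target list into (allowed, rejected) against the scope."""
    scope = parse_scope(entries)
    allowed = [t for t in targets if in_scope(t, scope)]
    rejected = [t for t in targets if not in_scope(t, scope)]
    return allowed, rejected


# Constructed sample scope and target list for illustration.
SAMPLE_SCOPE = ["10.0.0.0/24", "203.0.113.7", "app.example.com", "*.dev.example.com"]
SAMPLE_TARGETS = [
    "10.0.0.17", "10.0.1.17", "203.0.113.7", "203.0.113.8",
    "APP.example.com.", "api.dev.example.com", "dev.example.com", "example.com",
]

if __name__ == "__main__":
    ok, bad = filter_targets(SAMPLE_TARGETS, SAMPLE_SCOPE)
    print("in scope:    ", ok)
    print("out of scope:", bad)
```

Run the gate over the target list before passing it to a scanner and only hand the allowed list on. If a program or client intends a bare domain entry to include its subdomains, say so in the scope explicitly with a wildcard rather than loosening the matcher.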

Rules of engagement

On a formal client engagement, the rules of engagement document defines what is in scope, which testing methods are permitted, the testing window, any systems that are explicitly off-limits, and who to contact if something goes wrong. Keep that document open while you work and check it before any action that could affect availability or data.

If you are working on a bug bounty program, the program policy on the platform is your rules of engagement. Read it carefully before starting: most programs list specific subdomains or IP ranges that are in scope and explicitly exclude others, and some also restrict testing methods such as denial of service or social engineering.

Only test systems you own or have explicit written authorization to test. Running these tools against systems without permission can violate computer fraud, wiretap, and anti-hacking laws in most jurisdictions, regardless of your intent.