Effective April 10, 2026 · Last updated June 14, 2026
By accessing or using the ThreatStrike.ai website (the "Site"), requesting any services, or submitting any information through this Site, you ("User") agree to be bound by these Terms of Service ("Terms") and our Privacy Policy. If you do not agree to these Terms in their entirety, you must immediately cease use of this Site.
These Terms constitute a legally binding agreement between you and ThreatStrike LLC ("Company," "we," "us," or "our"). Your continued use of the Site following the posting of any modifications to these Terms constitutes your acceptance of such modifications.
ThreatStrike LLC publishes ThreatStrike Legion, a commercial desktop pentest workstation for macOS and Linux (the "Software"). The Software is sold as a licensed download. End-user use of the Software is governed by the separate End User License Agreement ("EULA"), which is incorporated into these Terms by reference and which you accept when you install or use the Software.
ThreatStrike LLC also publishes ThreatStrike Mobile, a standalone Android privacy utility app distributed through the Google Play Store. ThreatStrike Mobile operates entirely on the end user's device. ThreatStrike LLC does not receive, collect, or have any access to data processed by the mobile app.
ThreatStrike LLC also publishes ThreatStrike Shield, a free, open-source browser extension for Chromium-based browsers (Chrome, Brave, Edge) and Firefox-based browsers (Firefox, LibreWolf), distributed through the Chrome Web Store, Firefox Add-ons (AMO), and as a direct download. ThreatStrike Shield is a local-first phishing and malicious-URL scanner that operates entirely within your browser. ThreatStrike LLC does not receive, collect, or have any access to your browsing history or any data processed by the extension. End-user use of the extension is governed by the separate End User License Agreement ("EULA"), Section 15 of which addresses the extension specifically.
Where ThreatStrike LLC performs or has performed cybersecurity advisory services for a client, those services are governed by separate, executed engagement agreements between ThreatStrike LLC and the client. Nothing on this Site constitutes an offer to perform any security testing, penetration testing, or related activity on any system without such a formal, written, and executed engagement agreement, and with explicit written authorization from the system owner.
All content published on this Site, including but not limited to articles, case studies, technical descriptions, methodology overviews, tool references, vulnerability explanations, and security guidance, is provided solely for educational and informational purposes.
ThreatStrike LLC expressly disclaims all responsibility and liability for any unauthorized, illegal, or unethical use of information, techniques, tools, or methodologies described on this Site. The Company is not responsible for and shall not be liable for:
Users of this Site are solely responsible for ensuring that any application of information obtained herein complies with all applicable federal, state, and local laws, and with any applicable contractual or organizational obligations. Explicit, written authorization from the system owner is required before performing any form of security testing.
You assume all risk. ThreatStrike LLC provides information "as-is" and assumes no liability whatsoever for how that information is interpreted, applied, or misused by any third party. The Company's total liability to you for any claim arising from use of this Site shall not exceed zero dollars ($0.00) for informational content accessed without a paid engagement agreement.
THE SITE AND ALL CONTENT ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, OR ACCURACY.
ThreatStrike LLC does not warrant that: (a) the Site will be uninterrupted, timely, secure, or error-free; (b) the results obtained from use of the Site will be accurate or reliable; (c) any content on the Site is current, complete, or applicable to your specific circumstances; or (d) defects in the Site, if any, will be corrected.
Cybersecurity information is inherently time-sensitive. Threat landscapes, vulnerability details, and security best practices evolve rapidly. ThreatStrike LLC makes no guarantee that any content on this Site reflects the current state of any threat, vulnerability, or defensive technique.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THREATSTRIKE LLC, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, PARTNERS, SUPPLIERS, OR LICENSORS BE LIABLE FOR ANY:
WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL THEORY, EVEN IF THREATSTRIKE LLC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
IN JURISDICTIONS THAT DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, THE FOREGOING LIMITATIONS SHALL APPLY TO THE FULLEST EXTENT PERMITTED BY LAW.
You agree to defend, indemnify, and hold harmless ThreatStrike LLC and its officers, directors, employees, agents, and contractors from and against any and all claims, damages, obligations, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from:
ThreatStrike LLC is committed to protecting the privacy of visitors to this Site. This Privacy Policy describes what information we collect, how we use it, and the limited circumstances under which we may share it. This policy applies to all information collected through the Site, including via our contact form and license purchase flow.
We do not sell, rent, trade, or otherwise transfer your personally identifiable information to third parties for marketing or commercial purposes.
When you submit our contact form, we collect:
This information is used exclusively to respond to your inquiry and to discuss potential engagement. We do not use it for unsolicited marketing communications.
License purchases are processed by third-party payment processors: Stripe (card, Apple Pay, Google Pay) and NOWPayments (cryptocurrency). When you complete a purchase, those processors collect your payment details and, for card payments, your billing email address. ThreatStrike LLC receives only your email address and a payment reference ID from these processors; we never receive or store your full card number, bank details, or crypto wallet address. Each processor's handling of your payment data is governed by their own privacy policy: Stripe Privacy Policy and NOWPayments Privacy Policy. Your email is used solely to deliver your license key and is not used for marketing.
Like most websites, our hosting infrastructure may automatically record standard server log information, including your IP address, browser type, referring/exit pages, and timestamps. This data is used solely for security monitoring, abuse prevention, and aggregate traffic analysis. It is not linked to personally identifiable information.
This Site uses minimal, technically necessary cookies to support basic functionality. We do not use third-party advertising cookies or tracking pixels. You may configure your browser to refuse cookies; however, this may affect certain Site functionality.
Contact form submissions are retained for a period reasonably necessary to respond to and fulfill your inquiry, and thereafter for a period of no longer than twelve (12) months, unless we are required by law to retain them longer or unless an ongoing engagement relationship necessitates continued retention.
Depending on your jurisdiction, you may have the right to access, correct, or request deletion of personal data we hold about you. To exercise these rights, contact us at security@threatstrike.ai. We will respond within thirty (30) days.
ThreatStrike Legion runs entirely on your device. We do not operate any backend that receives, stores, or processes your engagement data. Specifically:
The ThreatStrike Mobile App operates entirely on the end user's device. We do not operate backend servers that receive App data, and the App contains no analytics SDKs, crash reporters, advertising identifiers, or telemetry of any kind.
The App specifically does not collect, transmit, or store on our infrastructure:
The App issues network requests only to services the user explicitly invokes: (i) VirusTotal, using a user-supplied API key ("bring your own key" or "BYOK"); (ii) Koodous, also BYOK, for Android APK hash lookups, where only the SHA-256 hash of the APK is transmitted, never the APK file itself; and (iii) the HaveIBeenPwned Pwned Passwords range API, using k-anonymity, where only the first five hex characters of a SHA-1 hash are transmitted. All three hosts are protected with certificate pinning. When the user has Orbot installed and enables "Route through Tor," these requests are sent through Orbot's local SOCKS proxy. Data decoded from QR codes the user scans is rendered locally first, with the URL and safety verdict shown before any network request is made. These third-party services are governed by their own privacy policies, which we encourage users to review.
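The k-anonymity range lookup named in item (iii), shown as an added example that is not ThreatStrike's code: the client sends only a five-character hash prefix and matches the remaining 35 characters locally. The helper names and the response body are constructed for illustration; the `/range/<prefix>` path and `SUFFIX:COUNT` line format follow the public Pwned Passwords API.

```python
import hashlib


def split_hash(password: str) -> tuple[str, str]:
    """Return (prefix, suffix): the 5 hex chars sent, and the 35 kept on the device."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def range_path(password: str) -> str:
    """The only password-derived data that appears in the request."""
    return "/range/" + split_hash(password)[0]


def breach_count(password: str, range_body: str) -> int:
    """Match the local suffix against a range response of 'SUFFIX:COUNT' lines."""
    _, suffix = split_hash(password)
    for line in range_body.splitlines():
        candidate, sep, count = line.strip().partition(":")
        if not sep or len(candidate) != 35 or not count.isdigit():
            continue  # ignore malformed lines instead of guessing
        if candidate.upper() == suffix:
            return int(count)
    return 0  # suffix absent from the bucket: not in the corpus


def constructed_range_body(listed_password: str, count: int) -> str:
    """Constructed stand-in for a server reply: decoy suffixes plus one listed entry."""
    decoys = [hashlib.sha1(f"decoy-{i}".encode()).hexdigest().upper()[5:]
              for i in range(3)]
    lines = [f"{d}:{i + 1}" for i, d in enumerate(decoys)]
    lines.append(f"{split_hash(listed_password)[1]}:{count}")
    lines.append("not-a-valid-line")  # exercises the malformed-line branch
    return "\r\n".join(lines)


if __name__ == "__main__":
    body = constructed_range_body("password", 17)  # constructed count
    print(range_path("password"))
    print(breach_count("password", body))
    print(breach_count("a-passphrase-not-in-the-body", body))
```

The server sees the same prefix for every password that falls in that bucket, so it cannot tell which suffix the client was checking.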
Sensitive data at rest in the App is encrypted with AES-256-GCM using keys derived from the user's PIN via Argon2id, optionally wrapped by a biometric-bound Android Keystore key. The App's on-device database is additionally encrypted at the page level using SQLCipher. Sensitive screens set the Android FLAG_SECURE flag, preventing screenshots and blanking the app's thumbnail in the recent-apps switcher. The App verifies its own signing certificate at launch and refuses to run if the APK has been repackaged. We have no mechanism to recover or access user data. If the user loses both their PIN and biometric enrollment, the data cannot be recovered by us.
ThreatStrike Shield runs entirely inside your browser. We do not operate any backend that receives, stores, or processes your data, and the extension contains no analytics, telemetry, crash reporting, or advertising identifiers of any kind.
The extension specifically does not collect, transmit, or store on our infrastructure:
All phishing and malicious-URL checks are performed locally, on your device, against a blocklist that is bundled with the extension and cached in your browser. The only network requests the extension makes on its own are periodic downloads of public threat-intelligence blocklists from their publishers: URLhaus (abuse.ch), the OpenPhish and PhishTank community feeds, the Steven Black hosts list, and the Phishing.Database project. These are bulk list downloads that transmit no information about you, the sites you visit, or your activity, and you can disable automatic updates entirely in the extension's settings. These third-party feeds are governed by their own terms, which we encourage you to review.
ThreatStrike Shield also includes an optional right-click "Scan link" feature with VirusTotal support. If, and only if, you supply your own VirusTotal API key in the extension's settings ("bring your own key"), scanning a link additionally submits that single URL to VirusTotal so it can be cross-referenced against VirusTotal's engines. This is strictly user-initiated and per-link: only the one URL you choose to scan is transmitted, never your browsing history, page contents, or activity, and nothing is sent in the background. If you do not add a VirusTotal API key, no data is ever sent to VirusTotal. VirusTotal is operated by a third party under its own privacy policy, which we encourage you to review; you can remove your key, or simply not use the feature, at any time.
ThreatStrike Shield also includes an optional one-click “Report” action (on the block page, the toolbar popup, and the login-form guard). When you click Report, the extension always blocks the site locally on your own device; and, if community reporting is enabled, it additionally submits only that single reported URL — plus an optional contact email address, transmitted solely if you have chosen to enter one in the extension's settings — to third-party anti-phishing takedown services (such as Netcraft) and, if you have configured one, to your own webhook endpoint. This is strictly user-initiated and per-report: only the one URL you choose to report is transmitted, never your browsing history, page contents, or activity, and nothing is sent in the background. Community reporting can be turned off entirely under the extension's Settings → Privacy screen, in which case clicking Report only blocks and records the site locally. These third-party services are governed by their own privacy policies, which we encourage you to review.
Settings, allowlists, statistics, your VirusTotal API key, and the cached blocklist are stored locally using your browser's extension storage and IndexedDB, and never leave your device. You can erase all of it at any time from the extension's Settings → Privacy screen. We have no mechanism to access this data.
All content on this Site, including but not limited to text, graphics, logos, icons, images, methodologies, and software, is the exclusive property of ThreatStrike LLC or its content suppliers and is protected by applicable copyright, trademark, and intellectual property laws.
You are granted a limited, non-exclusive, non-transferable, revocable license to access and view the content on this Site for personal, non-commercial informational purposes only. You may not reproduce, distribute, modify, create derivative works from, publicly display, publicly perform, republish, download, store, or transmit any content from this Site without the prior express written consent of ThreatStrike LLC.
These Terms shall be governed by and construed in accordance with the laws of the United States and the state in which ThreatStrike LLC is incorporated, without regard to its conflict of law provisions.
Any dispute arising out of or relating to these Terms or your use of the Site shall first be submitted to good-faith mediation. If mediation fails, disputes shall be resolved through binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules. You waive any right to a jury trial and agree not to participate in any class action lawsuit or class-wide arbitration.
ThreatStrike LLC reserves the right to modify these Terms at any time. We will indicate the date of the most recent revision at the top of this page. Material changes will be communicated via a notice on the Site's homepage for a minimum of thirty (30) days prior to the change taking effect. Your continued use of the Site after any such modification constitutes your acceptance of the revised Terms.
For questions, concerns, or notices regarding these Terms or our Privacy Policy, please contact:
ThreatStrike LLC, Legal & Privacy
Email: security@threatstrike.ai
Website: threatstrike.ai