No Automation need some help


I am new here, so I may need some help form time to time.
Right now I am working on a project that has this in the do not do list.

“The use of Automated scanners is strictly prohibited”

Not I take it that you can’t run any type of scans on the site.
No nmap
no web scraping
No vulnerability scanner
All work must be done by the keyboard, one tap at a time.

Is this right, yes or no
Thank you


Hi @bluedog,

I got used to not run automated scanners because almost every policy says “The use of Automated scanners is strictly prohibited”.
However, I doubt that everyone cares about that. The same happens with the domains in scope.

So, in my opinion is not right. But people get bounties even when not following the rules in the policies, so there is not right answer.

Good luck with the project.


Thank you stefanofinding for the info.