Skip to main content
Last updated: March 30, 2026 Please read these Terms of Use (“Terms”) carefully before using the QAOS software, CLI tool, web application, or any related services (collectively, the “Service”) operated by Machdel (“we”, “us”, or “our”). By installing, accessing, or using the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms. If you do not agree to all of these Terms, do not use the Service.

1. Authorized Use Only

This is the most important section of these Terms. Read it carefully.QAOS is a security and quality testing tool designed to test web applications that you own or have explicit written authorization to test. Misuse of this tool can cause serious harm and may violate laws in your jurisdiction.

1.1 You must have authorization

You may only use QAOS to test web applications if at least one of the following conditions is met:
  • You own the web application and all infrastructure it runs on
  • You are an employee or contractor of the organization that owns the web application, and you have been explicitly authorized in writing to conduct security testing
  • You are a security researcher who has received explicit written permission from the application owner to conduct testing under a defined scope
  • You are participating in a formal bug bounty program that explicitly permits automated security testing within defined scope boundaries

1.2 Testing without authorization is prohibited

Using QAOS to test any web application, system, or service that you do not own or do not have explicit written authorization to test is strictly prohibited. This includes but is not limited to:
  • Websites belonging to other individuals or organizations
  • Government websites or infrastructure
  • Competitors’ websites or applications
  • Any system where the owner has not granted explicit testing permission
  • Applications hosted by third parties on behalf of their customers, where the customer has not received explicit testing authorization from the hosting provider

1.3 Why this matters

QAOS performs active security testing. This means it:
  • Makes many automated HTTP requests to your target
  • Submits forms with test payloads
  • Attempts to access protected resources
  • Sends requests that may trigger rate limiting, alerts, or security systems
When run against systems you do not own, these activities may constitute:
  • Unauthorized access to computer systems (a criminal offense in many jurisdictions, including the Computer Fraud and Abuse Act in the United States, the Computer Misuse Act in the United Kingdom, and equivalent laws worldwide)
  • Denial of service if the target’s infrastructure is overloaded
  • Triggering of security incident responses that cause harm and expense to the target organization
  • Civil liability for damages caused
By using QAOS, you accept sole and full responsibility for ensuring you have the legal right to test every target URL you provide in your configuration files.

2. Account Registration

2.1 Account requirements

To use QAOS, you must create an account with accurate, complete, and current information. You are responsible for maintaining the confidentiality of your credentials and for all activities that occur under your account.

2.2 Age requirement

You must be at least 18 years old to use the Service. By using the Service, you represent that you are at least 18 years of age.

2.3 One account per person

Each account is for a single user. You may not share your account credentials with others. Organizations requiring multiple users should contact us for team plan options.

3. Acceptable Use

You agree not to use the Service to:
  • Test any system without proper authorization (see Section 1)
  • Conduct denial-of-service attacks against any system
  • Gain unauthorized access to any computer system, network, or data
  • Transmit any malicious code, viruses, or harmful software
  • Violate any applicable laws or regulations
  • Infringe the intellectual property rights of any third party
  • Harass, abuse, or harm any person or organization
  • Circumvent, disable, or interfere with security features of the Service itself
  • Use the Service in ways that could damage, disable, overburden, or impair our servers or networks

4. Intellectual Property

4.1 Our property

The Service, including all software, content, features, and functionality, is owned by us and protected by intellectual property laws. You may not copy, modify, distribute, sell, or lease any part of the Service without our express written permission.

4.2 Your content

You retain ownership of all configuration files, test descriptions, and other content you create using the Service (“Your Content”). By using the Service, you grant us a limited, non-exclusive license to use Your Content solely to provide the Service to you.

5. Data and Privacy

Your use of the Service is also governed by our Privacy Policy, which is incorporated into these Terms by reference.

6. Disclaimer of Warranties

THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED. We do not warrant that:
  • The Service will be uninterrupted, timely, secure, or error-free
  • QAOS will detect all security vulnerabilities or quality issues in your application
  • Results produced by QAOS are complete, accurate, or free of false positives
  • The Service will meet your specific requirements
QAOS is a testing assistance tool, not a comprehensive security audit. A clean QAOS report does not certify that your application is secure. Always supplement automated testing with manual security review and professional penetration testing for applications handling sensitive data.

7. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL WE BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES, INCLUDING BUT NOT LIMITED TO:
  • Loss of profits or revenue
  • Loss of data
  • Business interruption
  • Any damages resulting from unauthorized security testing you conduct using the Service
  • Any claims by third parties arising from your use of the Service
OUR TOTAL LIABILITY FOR ANY CLAIM ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE SHALL NOT EXCEED THE GREATER OF (A) THE AMOUNT YOU PAID TO US IN THE TWELVE MONTHS BEFORE THE CLAIM OR (B) ONE HUNDRED DOLLARS (USD $100).

8. Indemnification

You agree to defend, indemnify, and hold harmless us and our officers, directors, employees, and agents from and against any claims, liabilities, damages, judgments, awards, losses, costs, expenses, or fees (including reasonable attorneys’ fees) arising out of or relating to:
  • Your violation of these Terms
  • Your use of the Service in violation of Section 1 (Authorized Use Only)
  • Your testing of any system without proper authorization
  • Any claim by a third party that your use of the Service caused harm to their systems, data, or business

9. Termination

We reserve the right to suspend or terminate your account at any time, with or without notice, if we believe you are using the Service in violation of these Terms — especially in violation of the authorized use requirements in Section 1. Upon termination, your right to use the Service ceases immediately. We may retain your data as described in our Privacy Policy.

10. Changes to These Terms

We may modify these Terms at any time. We will notify you of material changes by posting the updated Terms on this page with a new “Last updated” date. Your continued use of the Service after changes become effective constitutes your acceptance of the updated Terms.

11. Governing Law

These Terms are governed by and construed in accordance with the laws of the Province of Quebec, Canada, without regard to conflict of law principles. Any disputes arising from these Terms shall be resolved exclusively in the courts of Montreal, Quebec.

12. Contact

If you have questions about these Terms, contact us at: info@machdel.com Machdel
Polytechnique Montréal
Montréal, Quebec, Canada