Authorization
Proving you have permission to test a target.
⚠️ Authorization is Required
You must verify ownership or authorization before scanning any target. Unauthorized testing is illegal and violates our Terms of Service.
Verification Methods
Choose one of these methods to prove authorization:
1. DNS Verification (Recommended)
Add a TXT record to your domain's DNS configuration:
Record Type: TXT
Host/Name: @ (or your subdomain)
Value:
hackerbot-verify=hb_xxxxxxxxxxxx
Verification typically completes within 5 minutes. DNS propagation may take up to 24 hours.
2. File Upload Verification
Upload a verification file to your web server:
- Download the verification file from your dashboard
- Upload to:
/.well-known/hackerbot-verify.txt - Ensure it's accessible via HTTPS
- Click "Verify" in your dashboard
3. Repository Verification
For GitHub-connected projects, verify via your repository:
- Connect your GitHub repository to Hacker Bot
- Add a
.hackerbotfile to your repo root - Include your target domain in the file
- Push to your main branch
# .hackerbot
targets:
- example.com
- staging.example.com
targets:
- example.com
- staging.example.com
Agency & Client Authorization
Testing on behalf of clients requires additional documentation:
- Signed authorization letter from the client
- Defined scope and testing window
- Emergency contact information
- Upload via Settings → Authorization Documents
We provide authorization templates you can use with your clients. Contact support for templates.