End User License Agreement

Exploit Pack VOF – Exploit Pack, Control Pack, Kernel Pack, Ultimate Pack, and related software
Last updated: 20 March 2026

This End User License Agreement (“Agreement”) is a legally binding agreement between Exploit Pack VOF, registered in the Netherlands under KvK number 94579121 (“Exploit Pack”, “we”, “us”, or “our”), and the person or legal entity that purchases, downloads, installs, activates, accesses, or uses the Software (“Customer”, “you”, or “your”).

By purchasing, downloading, installing, activating, accessing, or using the Software, you agree to be bound by this Agreement. If you accept this Agreement on behalf of a company, institution, or other legal entity, you represent and warrant that you have authority to bind that entity, and in that case “Customer” refers to that entity.

1. Definitions

For purposes of this Agreement:

“Software” means Exploit Pack, Control Pack, Kernel Pack, Ultimate Pack, all related modules, agents, payloads, components, updates, documentation, support materials, and any other software or materials provided by Exploit Pack.

“Authorised User” means the single named individual for whom the relevant license was purchased.

“Licensed Machine” means the single device, system, or environment designated for use with the license issued to the Authorised User.

“Target Systems” means only those systems, applications, networks, devices, accounts, and environments that you own or control, or for which you have obtained prior explicit written authorisation sufficient under applicable law and contract to perform the intended security testing or research.

“Permitted Purpose” means lawful internal cybersecurity testing, authorised penetration testing, authorised red teaming, adversary simulation, exploit development, detection engineering, training, research, and validation performed within a controlled environment and within an authorised scope.

2. Professional Use Only

The Software is intended solely for professional use by qualified cybersecurity practitioners, including internal security teams, authorised penetration testers, red teams, security researchers, incident response professionals, and educational or training programmes operating in lawful and controlled environments.

The Software is not offered for personal, consumer, or recreational use.

You represent and warrant that neither you nor any Authorised User:
a. is prohibited from receiving, using, or accessing the Software under any applicable sanctions, export control, or trade restrictions;
b. is acting on behalf of any sanctioned, restricted, or prohibited person or entity; or
c. intends to use the Software for any unlawful, unauthorised, harmful, deceptive, or abusive purpose.

3. License Grant

Subject to your compliance with this Agreement and payment of all applicable fees, Exploit Pack grants you a limited, revocable, non-exclusive, non-transferable, non-sublicensable license to use the Software solely for the Permitted Purpose.

Each license is personal, and unless otherwise agreed in writing by Exploit Pack:
a. each license is granted to one named user only;
b. each license is limited to one machine only;
c. the Software may be used only by the Authorised User on the Licensed Machine;
d. the license may not be shared, reassigned, pooled, or used concurrently by multiple persons or on multiple devices; and
e. licenses do not transfer ownership of the Software.

All rights not expressly granted are reserved by Exploit Pack.

4. Trial, Evaluation, and Demo Versions

Any trial, evaluation, beta, preview, or demonstration version of the Software is provided solely for internal evaluation. Exploit Pack may limit functionality, impose technical restrictions, or disable features in such versions at any time and without notice.

Trial, evaluation, beta, preview, or demonstration versions may not be used in production or in any live third-party environment unless expressly authorised in writing by Exploit Pack.

5. Permitted Use

You may use the Software only:
a. for the Permitted Purpose;
b. within the scope of systems and environments that qualify as Target Systems; and
c. in compliance with all applicable laws, regulations, contracts, policies, and professional obligations.

You are solely responsible for defining, documenting, and maintaining lawful scope for each use of the Software.

6. Prohibited Conduct

You shall not, and shall not permit any third party to:

a. use the Software against any system, network, device, application, or account without prior explicit written authorisation;
b. use the Software for unlawful access, persistence, disruption, interception, credential theft, extortion, ransomware activity, spyware activity, or unauthorised data collection or exfiltration;
c. use the Software outside the documented and authorised scope of an engagement;
d. use the Software to operate, support, or facilitate criminal activity, botnet activity, malware campaigns, or unauthorised intrusion operations;
e. resell, rent, lease, sublicense, distribute, lend, host, provide access to, or otherwise make the Software available to any third party, except where expressly authorised in writing by Exploit Pack;
f. copy the Software except as reasonably necessary for authorised installation, backup, or internal use permitted under this Agreement;
g. alter, remove, obscure, or bypass any license keys, product identifiers, watermarking, technical protection measures, or security controls included in the Software;
h. reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, underlying structure, or non-public functionality of the Software, except to the limited extent that such restriction is prohibited by mandatory law;
i. modify, adapt, merge, translate, or create derivative works of the Software, except where expressly authorised in writing by Exploit Pack;
j. use the Software in any manner that would expose Exploit Pack to legal, regulatory, sanctions, export control, or reputational risk.

7. Customer Responsibilities

You are solely responsible for:
a. obtaining and retaining written authorisations before using the Software;
b. ensuring that the Authorised User is properly trained and competent;
c. implementing appropriate safeguards, segmentation, logging, backups, rollback procedures, and recovery plans before deploying the Software;
d. supervising all use of the Software by your employees, contractors, affiliates, or agents; and
e. ensuring that your use complies with all applicable laws, regulations, contracts, internal policies, and third-party rights.

At Exploit Pack’s request, where reasonably necessary for compliance, fraud prevention, sanctions screening, export control screening, abuse prevention, or lawful-use verification, you shall provide reasonable information sufficient to verify your identity, business purpose, and intended lawful use, subject to applicable data protection law.

8. Export Controls, Sanctions, and Trade Compliance

You shall comply with all applicable export control, sanctions, and trade laws and regulations, including those of the Netherlands, the European Union, the United Nations, and any other jurisdiction whose laws mandatorily apply to the transaction, transfer, access, support, or use of the Software.

You shall not export, re-export, transfer, broker, provide access to, support, or use the Software:
a. in violation of any applicable export control or sanctions laws;
b. for any prohibited end-use or prohibited end-user;
c. where any required license, authorisation, or approval has not been obtained; or
d. in circumstances where such use or transfer would be unlawful.

Exploit Pack may refuse, suspend, or terminate access to the Software, license activation, updates, support, renewals, or any related service where Exploit Pack reasonably believes that sanctions, export control, compliance, fraud, or abuse risks exist.

9. License Enforcement and Technical Measures

Exploit Pack may use reasonable technical measures to enforce license scope, prevent piracy, detect unauthorised redistribution, investigate abuse, and protect the integrity of the Software.

You shall not interfere with or circumvent such measures.

10. Updates, Upgrades, and Support

Unless otherwise stated in a quotation, order, or other written commercial agreement, updates and support are included with the Software license during the applicable license term.

Such updates and support may be subject to fair use, reasonable technical limitations, support policies, release schedules, or product lifecycle requirements communicated by Exploit Pack.

Exploit Pack may modify, replace, suspend, or discontinue features where reasonably necessary for security, maintenance, abuse prevention, legal compliance, or product lifecycle management.

11. Third-Party and Open-Source Components

The Software may include or rely upon third-party software, research tools, libraries, or open-source components. Such components remain subject to their respective license terms.

Where a third-party license requires terms that differ from this Agreement, the third-party license shall govern only with respect to that component and only to the extent required.

12. Intellectual Property

The Software is licensed, not sold.

All intellectual property rights, title, and interest in and to the Software, including all code, modules, methods, documentation, branding, trade names, know-how, improvements, and related materials, remain the exclusive property of Exploit Pack and/or its licensors.

Except for the limited license expressly granted under this Agreement, no rights are granted to you by implication, estoppel, or otherwise.

13. Confidentiality

Any non-public information provided by Exploit Pack in connection with the Software, including license keys, unpublished documentation, product internals, support materials, pricing information, and compliance procedures, shall be treated as confidential.

You shall not disclose such confidential information to any third party except to employees or contractors who have a strict need to know for the Permitted Purpose and who are bound by confidentiality obligations no less protective than those set out here.

14. Feedback

If you provide suggestions, feedback, bug reports, improvement ideas, or feature requests relating to the Software, Exploit Pack may use, disclose, reproduce, modify, and incorporate such feedback without restriction and without any obligation to compensate you, provided that this does not require disclosure of your confidential information in violation of a separate written confidentiality agreement.

15. Disclaimer of Warranties

THE SOFTWARE IS PROVIDED “AS IS” AND “AS AVAILABLE.”

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EXPLOIT PACK DISCLAIMS ALL WARRANTIES, REPRESENTATIONS, AND CONDITIONS, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, ACCURACY, RELIABILITY, AVAILABILITY, OR THAT THE SOFTWARE WILL OPERATE WITHOUT INTERRUPTION, ERROR, DETECTION, OR FAILURE.

YOU ACKNOWLEDGE THAT OFFENSIVE SECURITY SOFTWARE IS INHERENTLY HIGH-RISK AND MUST BE USED ONLY BY QUALIFIED PERSONNEL IN CONTROLLED AND AUTHORISED ENVIRONMENTS.

16. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

a. EXPLOIT PACK SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, EXEMPLARY, OR CONSEQUENTIAL DAMAGES, INCLUDING LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF BUSINESS, LOSS OF GOODWILL, BUSINESS INTERRUPTION, SYSTEM OUTAGE, LOSS OR CORRUPTION OF DATA, FORENSIC COSTS, REMEDIATION COSTS, OR THIRD-PARTY CLAIMS;

b. EXPLOIT PACK SHALL NOT BE LIABLE FOR ANY DAMAGE ARISING FROM OR RELATED TO UNAUTHORISED USE, MISUSE, USER ERROR, IMPROPER CONFIGURATION, FAILURE TO MAINTAIN ADEQUATE SAFEGUARDS, OR YOUR FAILURE TO COMPLY WITH LAW, CONTRACT, OR THIS AGREEMENT;

c. EXPLOIT PACK’S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THIS AGREEMENT SHALL NOT EXCEED THE AMOUNT OF LICENSE FEES ACTUALLY PAID BY YOU TO EXPLOIT PACK FOR THE SPECIFIC SOFTWARE GIVING RISE TO THE CLAIM DURING THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

Nothing in this Agreement shall exclude or limit liability to the extent such exclusion or limitation is prohibited by mandatory law.

17. Indemnification

You shall indemnify, defend, and hold harmless Exploit Pack, its partners, employees, officers, contractors, affiliates, and licensors from and against any and all third-party claims, demands, investigations, actions, losses, liabilities, damages, penalties, fines, and reasonable legal fees arising out of or related to:
a. your use or misuse of the Software;
b. your breach of this Agreement;
c. your failure to obtain proper authorisation for a target, engagement, or environment;
d. your violation of applicable law, regulation, sanctions, export controls, contractual obligations, or third-party rights.

18. Suspension and Termination

Exploit Pack may suspend or terminate this Agreement, any license granted under it, or access to updates, activation, support, or related services immediately if:
a. you breach this Agreement;
b. you fail to pay applicable fees when due;
c. Exploit Pack reasonably suspects unlawful use, misuse, fraud, sanctions risk, export control risk, or material security or reputational risk; or
d. continued performance may expose Exploit Pack to legal or regulatory risk.

Your license shall terminate automatically, without notice, if you materially breach this Agreement.

Upon termination:
a. all rights granted to you under this Agreement shall immediately cease;
b. you shall immediately stop using the Software;
c. you shall uninstall, delete, and destroy all copies of the Software and related confidential materials in your possession or control, except to the extent retention is required by law; and
d. any provisions which by their nature should survive termination shall survive, including provisions relating to intellectual property, confidentiality, disclaimers, liability limitations, indemnification, compliance, governing law, and dispute resolution.

19. Audit and Verification

Where Exploit Pack has a reasonable basis to suspect material breach, unauthorised distribution, use outside the purchased license scope, or sanctions or export-control issues, you agree to reasonably cooperate with proportionate verification measures requested by Exploit Pack.

Any such verification shall be limited to what is reasonably necessary and carried out with due regard for confidentiality and applicable data protection law.

20. Assignment

You may not assign, transfer, novate, delegate, sublicense, or otherwise dispose of this Agreement or any rights under it without Exploit Pack’s prior written consent.

Any attempted assignment in violation of this clause shall be void to the extent permitted by law.

21. Amendments

Exploit Pack may update or amend this Agreement from time to time.

Any updated version shall apply to new purchases, renewals, downloads, activations, or versions of the Software made available after the effective date of the updated Agreement. Where required by applicable law, material changes affecting an active paid license term shall be notified in advance.

22. Severability

If any provision of this Agreement is held to be invalid, unlawful, or unenforceable, the remaining provisions shall remain in full force and effect.

Any invalid, unlawful, or unenforceable provision shall be deemed replaced by a valid and enforceable provision that most closely reflects its original purpose and economic intent.

23. No Waiver

Failure by Exploit Pack to enforce any provision of this Agreement shall not constitute a waiver of that provision or of any other provision.

24. Governing Law and Jurisdiction

This Agreement and any dispute, claim, or controversy arising out of or in connection with it shall be governed exclusively by the laws of the Netherlands, without regard to conflict of laws principles.

The courts of the Netherlands having jurisdiction in the district where Exploit Pack VOF is established shall have exclusive jurisdiction over any dispute arising out of or in connection with this Agreement, unless mandatory law requires otherwise.

25. Entire Agreement

This Agreement constitutes the entire agreement between you and Exploit Pack concerning the Software, except to the extent supplemented by a written quotation, order form, invoice, support agreement, reseller agreement, or other written commercial agreement issued or accepted by Exploit Pack.

By purchasing, downloading, installing, activating, accessing, or using the Software, you acknowledge that you have read, understood, and agreed to this Agreement.