Terms of Service

1. Acceptance of Terms

By accessing, downloading, installing, purchasing, licensing, or using any product within the Silent Exploit offensive-security suite — including but not limited to Delivery, Exploit Builder, and Cache Loader — their websites, documentation, updates, modules, builder components, generators, templates, and any associated services (collectively, the "Software" or "Service"), you ("User," "You") acknowledge that you have read, understood, and agree to be legally bound by these Terms of Service ("Terms," "Agreement").

This master Agreement applies to the entire Silent Exploit suite. Each individual product additionally maintains its own product-specific Terms (, Exploit Builder, Cache Loader); to the extent any product-specific Terms conflict with this master Agreement, the product-specific Terms control for that product.

If you do not agree to all of these Terms in their entirety, you must immediately cease all use of the Software, uninstall any installed components, destroy all copies in your possession, and refrain from accessing any Silent Exploit resources.

These Terms constitute a legally binding agreement between you and Silent Exploit ("Company," "We," "Us," "Our"). By using the Software, you represent and warrant that you have the legal capacity and authority to enter into this Agreement.

2. Definitions

• "Software" refers collectively to all products within the Silent Exploit suite, including Exploit Builder (modular document & launcher builder toolkit), Cache Loader (browser-cache payload delivery framework), and HTML Dropper (payload generator), together with all server, client, builder, generator, template, documentation, and update components, and any derivative works provided by the Company.
• "Service" refers to any online services, support, license management, authentication systems, update delivery mechanisms, and website services provided by the Company.
• "User" refers to any individual or entity who accesses, downloads, installs, purchases, licenses, or uses the Software or Service.
• "License" refers to the limited, non-exclusive, non-transferable, revocable right to use the Software as granted under these Terms.
• "Generated Artifact" refers to any file, document, launcher, container, executable, page, or script produced by any builder or generator within the Software — including weaponized Office documents, CHM/MSC/CPL/LNK/XLL/HTA/WSC/VBS/JAR/EXE artifacts, browser-cache loaders, decoy pages, redirector scripts, and any other output of the Software.
• "Authorized Target" refers to a system, network, document, account, or environment that is legally owned, operated, or controlled by the User, or for which the User has obtained explicit, documented written authorization to test, build, or deploy artifacts.
• "Red Team Engagement" refers to authorized adversary-simulation testing conducted under a valid, signed scope-of-work or rules-of-engagement document with the asset owner.
• "Malware Analysis" refers to defensive security research aimed at understanding malicious file structures, detection bypass techniques, and developing countermeasures.
• "HWID" refers to Hardware Identification, a unique identifier derived from the User's hardware components used for license binding.

3. Purpose & Intended Use

The Silent Exploit suite is developed, marketed, and distributed exclusively for the following legitimate purposes:

3.1 Cybersecurity Education & Research

The Silent Exploit suite is primarily designed as an educational and research platform covering the full spectrum of remote administration, document weaponization, launcher abuse, and browser-cache payload-delivery techniques, together with the corresponding defensive countermeasures. Each product addresses a distinct learning surface:

• Delivery — Java-based remote administration architecture, client-server design, modular agent operations.
• Exploit Builder — document weaponization, scripting-language abuse, LOLBin patterns, launcher and container formats.
• Cache Loader — browser-cache abuse, decoy-page design, payload-staging, social-engineering delivery vectors.

3.2 Authorized Red Team Operations

The Software supports authorized red team and adversary-simulation engagements. Generated Artifacts may be used solely against systems, accounts, and personnel covered by a written rules-of-engagement document signed by the asset owner.

3.3 Detection Engineering & Blue Team Training

The Software enables defenders, SOC analysts, and detection engineers to generate samples in order to write, test, and validate detection rules (YARA, Sigma, EDR queries, network signatures) within their own controlled environments.

3.4 Authorized Phishing & Awareness Programs

Authorized internal security and awareness teams may use Generated Artifacts as part of phishing simulations and awareness training programs against the organization's own workforce, conducted with proper organizational authorization and in compliance with applicable laws.

3.5 Personal & Lab Use

Users may use the Software to manage their own personal devices, build content for capture-the-flag competitions, personal home labs, isolated virtual machines, and academic exercises that they fully control.

4. Eligibility & Account Requirements

4.1 Age Requirement

You must be at least 18 years of age (or the age of legal majority in your jurisdiction) to purchase, license, or use the Software.

4.2 Legal Capacity

You represent and warrant that you have the legal capacity, authority, and right to enter into this Agreement. If you are using the Software on behalf of an organization, you warrant that you have the authority to bind that organization to these Terms.

4.3 Account Security

You are solely responsible for maintaining the confidentiality and security of your account credentials, license keys, and HWID bindings. You must immediately notify us of any unauthorized use or breach.

4.4 Accurate Information

You agree to provide accurate, current, and complete information during registration and purchase. Providing false information constitutes a material breach.

4.5 One Account Per User

Each license is bound to a single user account and HWID. Sharing, transferring, reselling, or sublicensing license keys is strictly prohibited.

5. License Grant & Restrictions

5.1 License Grant

Subject to your compliance with these Terms and payment of all applicable fees, the Company grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to install and use the Software on your Authorized Devices for the duration of your subscription, solely for the purposes outlined in Section 3.

5.2 License Restrictions

You shall NOT, and shall not permit any third party to:

• Copy, distribute, publish, or disseminate the Software except as expressly permitted herein;
• Modify, adapt, reverse engineer, decompile, disassemble, or create derivative works based on the Software;
• Remove, alter, or obscure any copyright notices, trademarks, license keys, or watermarks contained in or on the Software or its Generated Artifacts;
• Sell, resell, rent, lease, lend, sublicense, assign, or transfer the Software or any rights therein;
• Use the Software to develop any competing builder, generator, or weaponization product;
• Circumvent, disable, or interfere with any license management, authentication, HWID verification, or copy-protection mechanism;
• Share, post, upload, or otherwise distribute license keys, cracked versions, patches, or any mechanism designed to bypass licensing;
• Distribute, share, or upload built Generated Artifacts on any public platform, file-sharing service, malware repository, or marketplace;
• Use the Software to create artifacts for resale or for-hire malicious operations.

5.3 Reservation of Rights

All rights not expressly granted herein are reserved by the Company. The Software is licensed, not sold.

6. Permitted Use Cases

The following are explicitly permitted use cases, provided all other conditions of these Terms are met:

6.1 Personal Lab Environment

Generating and detonating artifacts within isolated virtual machines, sandboxes, or air-gapped lab networks that you fully own and operate.

6.2 Authorized Red Team Engagements

Producing Generated Artifacts for use against systems explicitly named in a signed rules-of-engagement document with the asset owner. Engagement scope must be respected at all times.

6.3 Detection Rule Development

Generating sample artifacts inside your own SOC / detection-engineering environment to author and validate YARA rules, Sigma rules, EDR detections, or static/dynamic analysis pipelines.

6.4 Educational Demonstrations

Use in academic courses, conference talks, training labs, and CTF challenges where the artifact only ever runs in instructor-controlled or attendee-owned environments.

6.5 Internal Phishing Simulations

Use by authorized internal security or awareness teams against the organization's own employees, in compliance with applicable employment, labor, and privacy laws and with proper organizational sign-off.

6.6 Defensive Research Publication

Producing technical write-ups, blog posts, or papers about delivery techniques and corresponding mitigations, provided that any included samples cannot be trivially weaponized against third parties.

7. Prohibited Activities

The following activities are strictly prohibited and constitute a material breach of these Terms. Engaging in any of the following will result in immediate license termination, permanent ban, forfeiture of all fees paid, and may result in reporting to law enforcement authorities:

7.1 Unauthorized Targeting

• Sending, deploying, or executing any Generated Artifact against any device, system, network, account, or person without the explicit, informed, documented consent of the system owner;
• Conducting phishing, smishing, vishing, BEC, or any social-engineering operation against third parties;
• Using the Software to gain unauthorized access to any computer system, mailbox, network, or cloud tenant;
• Embedding artifacts inside legitimate-looking documents or installers and distributing them through deceptive channels.

7.2 Criminal Activities

• Using the Software for any purpose that violates any applicable local, state, national, or international law;
• Using the Software to facilitate ransomware, banking trojans, infostealers, cryptominers, wipers, or any other malicious payload deployment against unauthorized targets;
• Using the Software to steal, exfiltrate, or misappropriate personal data, financial information, credentials, trade secrets, or any other confidential information;
• Using the Software to interfere with, disrupt, or damage any computer system, network, service, or critical infrastructure;
• Using the Software against critical infrastructure, government systems, healthcare systems, financial institutions, or educational institutions without proper authorization;
• Using the Software to harass, stalk, intimidate, blackmail, or extort any person.

7.3 Distribution & Proliferation

• Sharing, distributing, uploading, or making the Software or its source available to any unauthorized third party;
• Publishing, posting, or sharing built Generated Artifacts on any public platform, forum, marketplace, file-sharing service, or malware-on-demand service;
• Operating a malware-as-a-service or builder-as-a-service offering on top of the Software;
• Creating, distributing, or selling cracked, modified, or patched versions of the Software;
• Bundling Generated Artifacts with legitimate software for unauthorized distribution.

7.4 Anti-Competitive Activities

• Using the Software to develop, train, or improve any competing product or service;
• Reverse engineering the Software to extract templates, generators, or evasion techniques for redistribution.

8. User Obligations & Responsibilities

8.1 Compliance Obligation

You are solely and exclusively responsible for ensuring that your use of the Software and any Generated Artifact complies with all applicable laws, regulations, and legal requirements in your jurisdiction and in the jurisdiction of any target system, including but not limited to:

• Computer fraud and abuse laws (e.g., CFAA, UK Computer Misuse Act, EU Directive 2013/40/EU);
• Privacy and data protection laws (e.g., GDPR, CCPA, LGPD, PIPEDA, POPIA);
• Wiretapping, anti-spam, and electronic communications laws;
• Employment laws governing employee security testing;
• Export-control and sanctions regulations;
• Industry-specific regulations (e.g., HIPAA, PCI-DSS, NIS2).

8.2 Authorization Documentation

You must obtain, document, and retain written authorization from the asset owner before generating, deploying, or detonating any Generated Artifact against a third-party system. You agree to maintain such documentation for the duration of your use of the Software and for a minimum of three (3) years thereafter, and to produce it upon lawful request.

8.3 Scope Adherence

For red team or pen-test engagements, you must strictly adhere to the agreed scope and rules of engagement. Out-of-scope activity using the Software is prohibited.

8.4 Security Obligations

You are responsible for protecting your installation, license keys, and Generated Artifacts from unauthorized access. Generated Artifacts must be stored securely (encrypted at rest where feasible) and disposed of after the engagement.

8.5 Incident Reporting

You must immediately notify the Company if you become aware of any unauthorized use of, or leak of, your license, your installation, or any Generated Artifact.

8.6 Record Keeping

You agree to maintain records of all engagements, authorizations, and target lists, and to make such records available for audit upon reasonable request by the Company or any lawful authority.

9. Legal Compliance & Authorization

9.1 Prior Authorization Requirement

You MUST obtain explicit, informed, voluntary, written authorization from the owner or authorized administrator of ANY system or environment before deploying ANY Generated Artifact against it. "Informed authorization" means the authorizing party has been clearly informed of:

• The nature and capabilities of the artifacts that will be used;
• The systems, accounts, and networks that will be targeted;
• The data that may be accessed, collected, or transmitted;
• The duration of the engagement;
• How any collected data will be handled and disposed of.

9.2 Limited Exceptions

Written authorization is not required only when:

• The target is a personal device, account, or environment that you alone own and control;
• The target is an isolated lab, sandbox, or virtual machine fully operated by you;
• You have a valid court order or legal warrant authorizing the activity.

9.3 Jurisdictional Awareness

Computer-misuse, surveillance, and privacy laws vary significantly between jurisdictions. It is YOUR sole responsibility to understand and comply with all applicable laws. The Company does not provide legal advice and strongly recommends consulting qualified counsel before any engagement.

10. Educational & Research Use

10.1 Educational Purpose

The Software is designed as a comprehensive educational platform for studying offensive and defensive security concepts including: document/script delivery vectors, COM/Office automation abuse, LOLBin techniques, evasion and obfuscation strategies, packaging formats, and the detection engineering required to defeat them.

10.2 Controlled Environments

All educational and research use MUST be conducted in controlled, isolated environments such as:

• Isolated virtual machines or virtual networks;
• Air-gapped laboratory networks;
• Dedicated cybersecurity training ranges;
• Sandboxed environments with no access to production systems or the public internet;
• Devices personally owned by the researcher/student.

10.3 Academic Supervision

When used in academic settings, use of the Software should be supervised by a qualified instructor responsible for ensuring compliance with these Terms, applicable laws, and institutional policies.

10.4 Responsible Disclosure

If research conducted using the Software identifies new vulnerabilities or detection gaps in third-party products, the researcher must practice responsible disclosure and must not publish information that could enable mass unauthorized exploitation.

10.5 No Real-World Deployment

Techniques studied through educational use MUST NOT be deployed against real-world systems, networks, or individuals without separate, explicit authorization as outlined in Sections 6 and 9.

11. Red Team & Authorized Engagements

11.1 Engagement Authorization

Use of the Software in a red team, penetration test, or adversary-simulation context requires a fully executed, written engagement agreement that explicitly authorizes the use of weaponized documents, launchers, and scripted payloads against the named target systems.

11.2 Out-of-Scope Activity Prohibited

You must not use the Software, or any Generated Artifact derived from it, against any system, account, or individual not expressly listed within the agreed scope.

11.3 Cleanup Obligation

Upon completion of any engagement, you must remove all Generated Artifacts, persistence mechanisms, and any other footprint introduced into the target environment, and must report all such artifacts to the engagement sponsor.

11.4 No Retention of Sensitive Target Data

You must not retain personal data, credentials, or business-confidential material extracted during an engagement beyond what is required for reporting, and must securely destroy such data per the engagement agreement.

12. Generated Artifacts

12.1 User Responsibility

The Company has no control over the use or distribution of any Generated Artifact once it leaves the Software. You are fully and exclusively responsible for every Generated Artifact you create, store, transmit, or deploy.

12.2 No Public Distribution

Generated Artifacts must not be uploaded to public file-sharing services, public malware repositories, marketplace listings, or otherwise made available to the public.

12.3 Identification & Attribution

The Company may embed non-removable identifiers, watermarks, or telemetry markers into Generated Artifacts for license enforcement and abuse detection. Attempting to strip, alter, or obfuscate such markers is a material breach of these Terms.

12.4 Detection by Third Parties

The Company makes no warranty that any Generated Artifact will evade detection by any antivirus, EDR, sandbox, or similar product, now or in the future. Detection signatures evolve continuously.

13. Intellectual Property

13.1 Ownership

The Software, including all source code, generators, templates, algorithms, designs, documentation, user interfaces, graphics, logos, and trademarks, are and shall remain the exclusive property of the Company and its licensors.

13.2 Trademarks

"Silent Exploit", "Delivery", "Exploit Builder", "Cache Loader" and the related logos are trademarks or trade dress of the Company.

13.3 Feedback

Any feedback, suggestions, or recommendations you provide regarding the Software shall become the exclusive property of the Company.

13.4 Copyright Protection

The Software is protected by copyright laws and international copyright treaties.

14. Payment, Licensing & Refunds

14.1 License Fees

Access to the Software requires payment of applicable license fees as listed on our website. All fees are quoted in US Dollars (USD) unless otherwise specified.

14.2 Payment Processing

All payments are processed through third-party payment processors (e.g., Sell.app). The Company does not directly store or process credit card or payment information.

14.3 No Refund Policy

Due to the digital nature of the Software and the immediate delivery of license keys upon purchase, all sales are final and non-refundable. Initiating a fraudulent chargeback will result in immediate license termination and may result in legal action.

14.4 Exceptions

Refunds may be considered at the Company's sole discretion in cases of duplicate charges, delivery failure, or material defects rendering the Software unusable that the Company is unable to resolve within 30 days of notification.

14.5 Tax Responsibility

You are responsible for all applicable taxes, duties, and levies in your jurisdiction.

15. Subscription & License Management

15.1 Subscription Periods

Licenses are available in various subscription periods as listed on the Pricing page. Each license is bound to a single HWID and cannot be transferred between devices without prior authorization from the Company.

15.2 Expiration

Upon expiration, your license terminates automatically. You must cease all use of the Software and uninstall all components.

15.3 HWID Binding

Each license is bound to a unique HWID. The Company provides limited HWID resets at its discretion. Excessive reset requests may indicate license sharing and will be investigated.

15.4 Lifetime License

"Lifetime" refers to the product's operational lifecycle, not the licensee's biological lifetime. The Company reserves the right to discontinue the Software at any time.

16. Service Availability & Modifications

16.1 Availability

The Company endeavors to provide reliable service but does not guarantee uninterrupted, error-free, or continuous availability.

16.2 Modifications

The Company reserves the right to modify, update, enhance, reduce, or discontinue any feature, module, generator, or template at any time, with or without notice.

16.3 Updates

The Company may release updates, patches, or new versions at its discretion. Some updates may be mandatory for continued operation.

17. Data Handling & Security

17.1 Local Operation

The Exploit Builder and Cache Loader builders run locally on YOUR machine. The HTML Dropper builder runs locally. Generated Artifacts and operational data are produced and stored locally; the Company does not host, mediate, or have access to any payload, recipient list, agent communication, or content you supply to the Software.

17.2 Company Data Collection

The Company's data collection is limited to: license authentication data (HWID, license key), basic usage telemetry (product version, OS type), and purchase/account information. See our Privacy Policy for complete details.

17.3 Your Data Responsibility

You are solely responsible for any data, payload content, target lists, or credentials you handle through the Software, and for compliance with all applicable laws.

17.4 No Company Liability for User Content

The Company has no access to, control over, or responsibility for any payload content, target data, or Generated Artifact you produce.

18. Third-Party Components

The Software may include or depend upon third-party libraries, frameworks, runtimes, and components (including but not limited to: Tauri, Rust crates, React, Vite, Java/OpenJDK, Netty, GSON, Launch4j, Office Open XML SDKs, Win32 APIs, browser-platform APIs, and others). These components are subject to their own respective licenses. The Company makes no warranty regarding third-party components and assumes no liability for their functionality, security, or compatibility.

You acknowledge that the Company is not responsible for the availability, functionality, or security of any third-party services, APIs, or platforms with which the Software may interact.

19. Disclaimer of Warranties

20. Limitation of Liability

21. Indemnification

You agree to indemnify, defend, and hold harmless the Company, its officers, directors, employees, agents, partners, suppliers, licensors, and affiliates from and against any and all claims, demands, losses, damages, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or relating to:

• Your use or misuse of the Software, the Service, or any Generated Artifact;
• Your violation of these Terms;
• Your violation of any applicable law, regulation, or third-party right;
• Your failure to obtain required authorizations;
• Any data, payload, or content you transmit, store, or process using the Software;
• Any unauthorized, illegal, or improper deployment of the Software or Generated Artifacts by you or any person using your license.

This indemnification obligation shall survive the termination or expiration of these Terms.

22. Termination & Suspension

22.1 Termination by User

You may terminate this Agreement at any time by ceasing all use of the Software and destroying all copies. No refund will be provided upon voluntary termination.

22.2 Termination by Company

The Company may immediately terminate or suspend your license without prior notice for any reason, including breach of these Terms, suspected illegal use, non-payment, fraudulent chargebacks, law-enforcement request, extended inactivity, or product discontinuation.

22.3 Effect of Termination

Upon termination, you must immediately cease all use of the Software, uninstall all copies, and destroy any Generated Artifacts. Sections 7, 8, 12, 13, 19, 20, 21, 23, and 24 survive termination.

22.4 No Refund Upon Termination

No refund of any fees paid shall be provided upon termination, regardless of the reason.

23. Dispute Resolution & Arbitration

23.1 Informal Resolution

Before initiating any formal proceeding, you agree to first attempt to resolve any dispute informally by contacting the Company. The parties shall make a good-faith effort within thirty (30) days.

23.2 Binding Arbitration

If informal resolution fails, any dispute shall be resolved through binding individual arbitration under the rules of a mutually agreed-upon arbitration institution.

23.3 Class Action Waiver

YOU AGREE THAT ANY DISPUTE WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE ACTION.

23.4 Exceptions

Either party may seek injunctive relief in any court of competent jurisdiction to prevent infringement of intellectual property or confidential information.

24. Governing Law & Jurisdiction

These Terms shall be governed by and construed in accordance with the laws of the jurisdiction in which the Company is established, without regard to conflict of law principles. You irrevocably consent to the exclusive jurisdiction of the courts in that jurisdiction.

25. Export Controls & Sanctions

The Software may be subject to export-control laws and regulations. You agree to comply with all applicable export-control and sanctions laws of the United States, the European Union, and your local jurisdiction. You represent and warrant that you are not located in, or a national or resident of, any country subject to comprehensive sanctions, and that you are not on any restricted-parties list.

26. Force Majeure

The Company shall not be liable for any failure or delay resulting from causes beyond its reasonable control, including acts of God, natural disasters, pandemics, war, terrorism, civil unrest, government actions, embargoes, fire, flood, earthquake, power outages, internet disruptions, or cyberattacks against the Company's infrastructure.

27. Severability

If any provision of these Terms is held to be invalid, illegal, or unenforceable, such provision shall be modified to the minimum extent necessary to make it valid, or if not possible, severed. The remaining provisions shall continue in full force and effect.

28. Waiver

Failure of the Company to exercise or enforce any right or provision shall not constitute a waiver. Any waiver will be effective only if in writing and signed by the Company.

29. Assignment

You may not assign, transfer, or sublicense any of your rights without the prior written consent of the Company. The Company may freely assign its rights and obligations.

30. Entire Agreement

These Terms, together with the Privacy Policy and any other legal notices published by the Company, constitute the entire agreement between you and the Company regarding the Software, superseding all prior agreements, whether written or oral.

31. Amendments & Modifications

The Company reserves the right to modify these Terms at any time. Material changes will be communicated through the website, email, or in-application notification. Continued use after revisions constitutes acceptance.

32. Contact Information

If you have any questions, concerns, or inquiries regarding these Terms of Service:

• Telegram: @QuimaDEV
• Email: quimadev@proton.me

For product-specific issues, please use the relevant product's contact channels (, Exploit Builder, Cache Loader). For legal inquiries, please include "LEGAL" in the subject of your message.