ThreatRecon is a browser-based static malware triage workbench. These terms describe how the site may be used and the limits of what it provides.

Educational and defensive use

ThreatRecon.io is built for defensive security education, malware triage practice, and analyst workflow training. Users are responsible for using the platform legally and ethically.

Static-analysis limitation

ThreatRecon performs local static analysis only. It does not execute samples, detonate malware, upload files, or guarantee detection of malicious behavior.

Authorization requirement

You are responsible for ensuring you have authorization to analyze files, logs, IOCs, or systems associated with any investigation.

Sensitive data warning

Do not paste or upload sensitive, proprietary, regulated, classified, credential-bearing, or personally identifiable data unless you are authorized and understand the risk. Analysis runs locally in your browser, but exported reports may still contain sensitive indicators.

Public sandbox warning

External sandbox links are manual handoff links only. ThreatRecon does not submit files or IOCs to third parties. Do not submit confidential client files, proprietary samples, or regulated data to public sandboxes unless authorized. Use private or internal sandboxing for sensitive investigations.

No warranty

ThreatRecon is provided as-is, without warranties of accuracy, availability, fitness for a particular purpose, or complete security.

Limitation of liability

To the maximum extent allowed by applicable law, the site operator is not liable for damages, data loss, operational disruption, misuse, or decisions made based on tool output.

Acceptable use

You must not use ThreatRecon to:

create or improve malware or evasion techniques;
attack third-party systems without authorization;
violate applicable laws or regulations;
analyze data you are not authorized to handle;
harass or target individuals;
bypass security controls without authorization.

Legal & Responsible Use