Documentation
Guides, references, and policy documentation for the Haders AI platform.
Privacy Policy
How we collect, use, store, and protect your personal data. Covers data retention periods, third-party services we use, your rights to access and delete your data, and how to exercise them.
Terms of Service
The rules and conditions governing your use of Haders. Covers eligibility (18+), permitted and prohibited uses, account termination conditions, limitation of liability, and dispute resolution.
Cookie Policy
What we store on your device and why. Haders uses exactly one session cookie and one localStorage token for trusted device recognition. No advertising, analytics, or tracking cookies.
Refund Policy
Refunds are only issued for verified billing errors or within 7 days of a charge if the account has fewer than 10 messages sent. Read the full policy before subscribing.
Acceptable Use Policy
Defines what Haders is built for (authorized security work, research, and education) and what is absolutely prohibited. Agreed to at signup and enforced on every account.
Security Policy
How we protect the platform and your data. Covers infrastructure security controls, TLS 1.3 in transit, AES-256 at rest, incident response process, and how to report a vulnerability.
What is Haders?
An AI built for security professionals. No reflexive refusals, no keyword-triggered refusals, no hedging. Haders evaluates context: penetration testers, red teamers, researchers, and defenders get real answers.
Creating an account
Sign up with your name, email, and a strong password (12+ characters with uppercase, number, and special character). Must be 18+. Email verification is required before first login.
Choosing a plan
Six tiers: Free (50K tokens/5 hrs, Charon only), Starter (1M), Pro (5M), Pro+ (10M, 48K context), Max (20M, 64K context), Max 20x (100M). All paid tiers unlock Hermes, Cerberus, and tool access.
Navigating the interface
Conversation window in the center, collapsible sidebar on the left for history, model selector at the top, and microphone button for voice input. Shift+Enter for new lines, Enter to send.
Ask Mode
Default mode. Direct Q&A with full context retention across the conversation. Supports live web search for current CVEs and threat intel. Paste raw tool output (nmap, Burp, Volatility) and get immediate analysis.
Plan Mode
Generate phased engagement plans from a target brief. Produces MITRE ATT&CK-tagged activity lists, suggested tooling, contingency paths, and detection risk notes per phase.
Agent Mode
Autonomous multi-step reasoning with 14 security tools: DNS, WHOIS, port scanning, subdomain enumeration, SSL inspection, CVE search, exploit search, code execution, HTTP fetch, hash tools, encode/decode, and web search.
Voice Mode
Hands-free interaction via browser microphone. Speak questions, receive spoken responses. Available on all tiers. Works in Chrome, Firefox, Edge, and Safari. Mix voice and typed input freely in the same conversation.
Memory
Persistent context across sessions. Haders automatically identifies and stores targets, methodology, preferences, and findings. View, edit, or clear memory entries at any time from Settings. Available on all tiers.
Charon
Fastest model. First token in under a second on most queries. Best for rapid lookups, tool syntax, log interpretation, and recon Q&A during active engagements. Only model on Free tier. No tool access.
Hermes
Balanced reasoning with tool access. Best for pentest reports, threat intel analysis, code review, and structured documentation. Stronger at nuanced judgment and longer outputs than Charon. Available Starter+.
Cerberus
Most powerful model. Extended reasoning for complex multi-step problems: full engagement planning, malware behavioral analysis, novel exploitation research, and deep agent tasks. Slower, higher token cost. Available Starter+.
Switching models
Switch at any point in a conversation. The new model receives full conversation history and continues from where the previous model left off. No extra cost to switch, though token usage varies by model.
Tier limits
Usage is measured in tokens over a rolling 5-hour window. Free: 50K tokens, 16K context. Starter: 1M, 32K. Pro: 5M, 32K. Pro+: 10M, 48K. Max: 20M, 64K. Max 20x: 100M, 64K. All tiers include voice, memory, and web search.
Upgrading your plan
Upgrade instantly from Settings → Subscription. Takes effect immediately with no waiting for a billing cycle. Prorated charge for mid-cycle upgrades. Accepts Visa, Mastercard, Amex, and Discover via Stripe.
Billing and invoices
Billed monthly on your subscription anniversary date in USD. Invoices are emailed and available in Settings → Billing History as downloadable PDFs. Failed payments are retried on days 1, 3, and 7.
Cancellation and refunds
Cancel anytime from Settings → Subscription with no fees or notice period. Access continues until the billing period ends. Conversation history and memory are retained for 90 days after downgrade.
Data retention
Conversations are stored until you delete them. Memory until cleared. Billing records for 7 years (legal requirement). Server logs for 30 days. Conversations are never used to train AI models.
Conversation privacy
Conversations are private to your account. Not shared, not used for training. TLS 1.3 in transit, AES-256 at rest. Session tokens are HTTP-only cookies inaccessible to client-side JavaScript.
Account security
Email and password authentication with a 12-character minimum including uppercase, numbers, and special characters. Sessions persist until you log out or reset your password, which invalidates all active sessions.
Terms and policies
Index of all legal documents: Terms of Service, Privacy Policy, Acceptable Use Policy, Cookie Policy, and Refund Policy, with links to each and a summary of what each covers.
Acceptable use
Haders is designed for authorized security work. The platform trusts professional context established at signup. Explains the difference between legitimate security research and requests the platform will decline.
Prohibited activities
Zero-tolerance list: attacking unauthorized systems, deploying malware against real targets, attacking critical infrastructure, CSAM, targeted doxing or harassment, and state-sponsored attacks on civilians.
Content guidelines
How Haders evaluates requests by context, not keywords. Covers what the platform will engage with (all MITRE ATT&CK techniques, exploit mechanics, malware analysis) and the narrow set of things it will decline.
Reporting abuse
How to report someone using Haders to facilitate real harm. Reports are reviewed within 24 hours. File via Discord. False reports are themselves an AUP violation.
Quickstart
Make your first API call in under two minutes. Includes curl, Python (OpenAI SDK), and Node.js examples. Base URL: api.haders.site/v1. Streaming enabled by default.
Authentication
All requests require a Bearer token in the Authorization header. How to generate API keys from Settings, store them securely, rotate them, and handle 401 error responses.
Chat Completions
POST /v1/chat/completions. Full parameter reference: model, messages, stream, max_tokens (cap: 8192), temperature (default: 0.65). Request and response shapes with streaming SSE examples.
Models Endpoint
GET /v1/models. Returns the list of available models with IDs, descriptions, and context window sizes. Required by IDE integrations like Continue.dev and Cursor to populate the model selector.
IDE Integration
Use Haders models in VS Code, Cursor, and Continue.dev. Drop-in OpenAI-compatible backend. Config examples for all three editors. Set base URL to api.haders.site/v1 and your API key.
Can't find what you need? Join our Discord and ask.
© 2026 Haders AI. All rights reserved.