From 6657fa149ad1f625f271f1280d11c9035e54e901 Mon Sep 17 00:00:00 2001
From: Josh <13081611+joshmate@users.noreply.github.com>
Date: Sun, 16 Dec 2018 16:30:31 -0800
Subject: [PATCH] Added sentence clarifying legal requirements (#24712)

Added the text: "Penetration testing without authorization is illegal, so it is very important to have this signed agreement before starting any work."
---
 guide/english/security/penetration-testing/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/guide/english/security/penetration-testing/index.md b/guide/english/security/penetration-testing/index.md
index 69bbd4dddb..df18eb89e8 100644
--- a/guide/english/security/penetration-testing/index.md
+++ b/guide/english/security/penetration-testing/index.md
@@ -10,7 +10,7 @@ Before doing a penetration test, it is mandatory to have an agreement that will
 - where will be the IP source of the attack, and
 - what will be the penetration fields of the system.
 
-Penetration testing is conducted by professional ethical hackers who mainly use commercial, open-source tools, automate tools and manual checks. There are no restrictions; the most important objective here is to uncover as many security flaws as possible. Many big companies offer rewards for anybody that can point out security vulnerabilities in their systems, through what is called [bug bounty programs](https://en.wikipedia.org/wiki/Bug_bounty_program). Google, for example, will offer tens of thousands of dollars through their Vulnerability Reward Program.
+Penetration testing without authorization is illegal, so it is very important to have this signed agreement before starting any work. Penetration testing is conducted by professional ethical hackers who mainly use commercial, open-source tools, automate tools and manual checks. There are no restrictions; the most important objective here is to uncover as many security flaws as possible. Many big companies offer rewards for anybody that can point out security vulnerabilities in their systems, through what is called [bug bounty programs](https://en.wikipedia.org/wiki/Bug_bounty_program). Google, for example, will offer tens of thousands of dollars through their Vulnerability Reward Program.
 
 ## Phases of Penetration Testing