Advanced threat intelligence platform monitoring dark web activity, data breaches, and DDoS attacks in real-time.
Retrieve recent threat intelligence entries with optional filtering
| time_range | string Default: "7d" Enum: "24h" "7d" "30d" "90d" Time range for filtering entries |
| limit | integer [ 1 .. 100 ] Default: 10 Maximum number of entries to return |
| category | string Enum: "Data Breach" "Data Leak" "DDoS Attack" "Defacement" "Ransomware" "Malware" Filter by threat category |
| victim_country_code | string^[A-Z]{3}$ Filter by victim country (ISO 3166-1 alpha-3 code) |
| victim_industry | string Filter by victim industry |
| threat_actors | string Filter by threat actor name |
| entry_hash required | string Unique identifier for the threat entry |
| title required | string Title of the threat entry |
| summary | string Brief summary of the threat |
| description | string Detailed description of the threat |
| category required | string Enum: "Data Breach" "Data Leak" "DDoS Attack" "Defacement" "Ransomware" "Malware" Category of the threat |
| severity | string Enum: "low" "medium" "high" "critical" Severity level of the threat |
| network required | string Source network where the threat was detected |
| date required | string <date-time> Date and time when the threat was detected |
| victim_country_code | string^[A-Z]{3}$ ISO 3166-1 alpha-3 country code of the victim |
| victim_industry | string Industry sector of the victim organization |
| victim_organization | string Name of the victim organization |
| victim_site | string Website of the victim organization |
| threat_actors | string Known threat actors associated with this threat |
| screenshots_thumb | string Comma-separated URLs of thumbnail screenshots |
| screenshots_full | string Comma-separated URLs of full-size screenshots |
| source_url | string Original source URL of the threat intelligence |
[- {
- "entry_hash": "string",
- "title": "string",
- "summary": "string",
- "description": "string",
- "category": "Data Breach",
- "severity": "low",
- "network": "string",
- "date": "2019-08-24T14:15:22Z",
- "victim_country_code": "string",
- "victim_industry": "string",
- "victim_organization": "string",
- "victim_site": "string",
- "threat_actors": "string",
- "screenshots_thumb": "string",
- "screenshots_full": "string",
- "source_url": "string"
}
]Get aggregated threat counts grouped by a specific field
| group_by required | string Enum: "category" "industry" "threat_actors" Field to group results by |
| time_range | string Default: "7d" Enum: "24h" "7d" "30d" "90d" Time range for filtering |
| limit | integer [ 1 .. 50 ] Default: 10 Maximum number of results to return |
| category | string Category name (when grouping by category) |
| industry | string Industry name (when grouping by industry) |
| threat_actors | string Threat actor name (when grouping by threat_actors) |
| count required | integer Number of threats in this group |
| percent_change | number Percentage change compared to previous period |
[- {
- "category": "string",
- "industry": "string",
- "threat_actors": "string",
- "count": 0,
- "percent_change": 0
}
]Get aggregated threat counts grouped by victim country
| time_range | string Default: "7d" Enum: "24h" "7d" "30d" "90d" Time range for filtering |
| limit | integer [ 1 .. 100 ] Default: 50 Maximum number of countries to return |
| victim_country_code required | string^[A-Z]{3}$ ISO 3166-1 alpha-3 country code |
| country_name | string Human-readable country name |
| count required | integer Number of threats targeting this country |
[- {
- "victim_country_code": "string",
- "country_name": "string",
- "count": 0
}
]Retrieve detailed information about threat actors
| name | string Threat actor name to search for |
| limit | integer [ 1 .. 50 ] Default: 10 Maximum number of results to return |
| id required | integer Unique identifier for the threat actor |
| name required | string Name of the threat actor |
| first_seen required | string <date-time> Date when this threat actor was first observed |
| last_seen required | string <date-time> Date when this threat actor was last observed |
| network | string Network or platform where the actor is active |
| bad_karma required | integer [ 0 .. 100 ] Risk score from 0-100, where higher values indicate higher risk |
[- {
- "id": 0,
- "name": "string",
- "first_seen": "2019-08-24T14:15:22Z",
- "last_seen": "2019-08-24T14:15:22Z",
- "network": "string",
- "bad_karma": 100
}
]