DATA API
SOLUTIONS
KNOWLEDGE
HELP CENTER
COMPANY
|
LOGIN
OPEN WEB
Infuse applications with news data
Cover the entire blogosphere
Follow conversations around the web
Access structured customer feedback
Train machines with historical data
DARK WEB
Uncover threats across the dark web
Detect compromised PII across the web
TECHNOLOGIES
Go from raw data to pure power
Follow trends across millions of media sources
Constantly track suspicious web activity
Get a real-time feed of potential
risks
Sharpen predictions with historical datasets
Scan PII in real-time to catch breaches early
Stop cyber criminals with covert activity tracking

Dark Web Data APIPut your Machine
into Action

The world’s most powerful dark web feed is a few clicks away,
now your machines can monitor risks in real time

Dark Web Data APIPut your Machine into Action

The world’s most powerful dark web feed is a few clicks away, now your machines can monitor risks in real time

The Most Trusted Names in Threat Intelligence

Dark Web DataOn Guard

Webz.io is on the lookout for your next threat. It crawls, collects and indexes real-time data from dark web networks, feeding your machine with the relevant data in the right context.
Crawls millions of sites, forums, marketplaces and others sites in the deep and dark web.
Transforms dark web data into standardized and structure data feeds.
Extracts encrypted and password-protected illicit content, indexed by entities, keywords, sites and more.
Crawls millions of sites, forums, marketplaces and others sites in the deep and dark web.
Transforms dark web data into standardized and structure data feeds.
Extracts encrypted and password-protected illicit content, indexed by entities, keywords, sites and more.

Going where the data is

logos

Secret IntelligenceReady for Machines

Dynamic Profiling
Enriched data feed with quick profiling of threat agents, groups and relevant platforms
Unrivaled coverage
of dark and deep web sources with millions of sites, forums, marketplaces, and messaging platforms crawled daily in multiple languages.
Constant Monitoring
Collects and structures critical information to help your machine identify, classify, and take quick action
Dynamic Profiling
Enriched data feed with quick profiling of threat agents, groups and relevant platforms
Unrivaled coverage
of dark and deep web sources with millions of sites, forums, marketplaces, and messaging platforms crawled daily in multiple languages.
Constant Monitoring
Collects and structures critical information to help your machine identify, classify, and take quick action

Safety in Numbers

15M
Monthly Dark
Web Posts
3M
Monthly Closed
Forums Posts
2.5M
Monthly Extremist
Social Media Posts
1M
Monthly
SHacking Posts
15M
Monthly Dark
Web Posts
3M
Monthly Closed
Forums Posts
2.5M
Monthly Extremist
Social Media Posts
1M
Monthly
SHacking Posts

built for your machines.Made for What You Do.

Digital Risk Protection
Fraud Detection
Brand Protection
Web Intelligence
Cryptocurrency Investigation
Digital Risk Protection
Digital Risk Protection
Gain contextualized real-time insight to protect organizations from cyber risks, including cyber attacks, ransomware and phishing.
Digital Risk Protection
Digital Risk Protection
Digital Risk Protection
Gain contextualized real-time insight to protect organizations from cyber risks, including cyber attacks, ransomware and phishing.
Fraud Detection
Brand Protection
Web Intelligence
Cryptocurrency Investigation

SEEWhat Machines See

Explore the perfectly structured JSON format from the following query

See below filtered results in JSON format from the following query:
Query:

{

cyberDocs: [

{

url: "https://bitbin.it/JIbUubiV/" ,

uuid: "2ab0386122c244d6a2e429f538e67c0a96f320f2" ,

parent_uuid: "2ab0386122c244d6a2e429f538e67c0a96f320f2" ,

title: "Ryuk 2.0 Ransomware" ,

text: "Ryuk 2.0 Ransomware (ransomware) This crypto ransomware encrypts business user and enterprise data with AES + RSA and then demands a 15-50 BTC ransom to get the files back. Original title: Ryuk . The file says: horrible. Development environment: Visual Studio 2015 or newer. Some researchers believe that the well-known Lazarus Group is behind the development and implementation. According to other sources, the group calls itself the Wizard Spider. In the West, they believe that this is a Russian group, but it is unsubstantiated. As they say: There are three types of lies: lies, blatant lies and statistics. Price: 1200$ Connection: str******@ro.ru Telegram: HAUNTED_01 https://satoshi-box.com/pay/CCfMlo" ,

highlightText: "" ,

highlightTitle: "" ,

author: [

"StreetAthlet228btc"

] ,

author_extended: [

{

display_name: "StreetAthlet228btc" ,

user_id: NULL ,

user_link: NULL

] ,

language: "english" ,

referring_url: NULL ,

referring_file_type: NULL ,

rating: NULL ,

published: "2021-06-13T14:31:00.000+03:00" ,

site: {

name: "BitBin" ,

is_live: true ,

domain: "bitbin.it" ,

type: "paste" ,

country: "IT" ,

categories: NULL

} ,

thread: {

url: "https://bitbin.it/JIbUubiV/" ,

uuid: "2ab0386122c244d6a2e429f538e67c0a96f320f2" ,

title: "Ryuk 2.0 Ransomware" ,

full_title: "Ryuk 2.0 Ransomware - BitBin" ,

published: "2021-06-13T14:31:00.000+03:00" ,

site_section: "https://bitbin.it/" ,

section_title: "BitBin" ,

replies_count: 0 ,

participants_count: 1 ,

spam_score: 0.32 ,

main_image: ""

} ,

ord_in_thread: 0 ,

extended: {

external_links: [

"https://satoshi-box.com/pay/CCfMlo"

] ,

external_images: [ ] ,

external_videos: [ ] ,

file_links: [ ] ,

file_type: "html" ,

network: "openweb" ,

required_login: false

} ,

enriched: {

categories: [

"hacking"

] ,

persons: {

value: [

"ryuk"

] ,

count: 1

} ,

organizations: {

value: [

"lazarus group" ,

"aes"

] ,

count: 2

} ,

locations: {

value: [

"west"

] ,

count: 1

} ,

emails: {

value: [

"str******@ro.ru"

] ,

count: 1

} ,

phones: NULL ,

credit_cards: NULL ,

ssns: NULL ,

wallet_ids: NULL ,

ips: NULL ,

domains: {

value: [

"satoshi-box.com"

] ,

count: 1

}

} ,

crawled: "2021-06-13T15:41:08.550+03:00" ,

updated: "2021-06-13T15:41:08.550+03:00" ,

cache_link: "/dark-cache?token=a948bd43-9517-413c-a844-bc50be66d494&id=A5R8Llu2PYWDuBEkurW3clPFkDDUuz3nCUKyVB0d1-fr8W7Ys1noVPh_lfTIUvoj"

] ,

totalResults: 1 ,

moreResultsAvailable: 0 ,

next: "/cyberFilter?token=a948bd43-9517-413c-a844-bc50be66d494&format=html&ts=1623588068550&q=uuid%3A2ab0386122c244d6a2e429f538e67c0a96f320f2" ,

requestsLeft: 49301 ,

warnings: NULL

For more information, check out our Developer Hub which contains helpful
Documentation, Video Tutorials, Use Cases and more
See below filtered results in JSON format from the following query:
Query:

{

cyberDocs: [

{

url: "https://bitbin.it/JIbUubiV/" ,

uuid: "2ab0386122c244d6a2e429f538e67c0a96f320f2" ,

parent_uuid: "2ab0386122c244d6a2e429f538e67c0a96f320f2" ,

title: "Ryuk 2.0 Ransomware" ,

text: "Ryuk 2.0 Ransomware (ransomware) This crypto ransomware encrypts business user and enterprise data with AES + RSA and then demands a 15-50 BTC ransom to get the files back. Original title: Ryuk . The file says: horrible. Development environment: Visual Studio 2015 or newer. Some researchers believe that the well-known Lazarus Group is behind the development and implementation. According to other sources, the group calls itself the Wizard Spider. In the West, they believe that this is a Russian group, but it is unsubstantiated. As they say: There are three types of lies: lies, blatant lies and statistics. Price: 1200$ Connection: str******@ro.ru Telegram: HAUNTED_01 https://satoshi-box.com/pay/CCfMlo" ,

highlightText: "" ,

highlightTitle: "" ,

author: [

"StreetAthlet228btc"

] ,

author_extended: [

{

display_name: "StreetAthlet228btc" ,

user_id: NULL ,

user_link: NULL

] ,

language: "english" ,

referring_url: NULL ,

referring_file_type: NULL ,

rating: NULL ,

published: "2021-06-13T14:31:00.000+03:00" ,

site: {

name: "BitBin" ,

is_live: true ,

domain: "bitbin.it" ,

type: "paste" ,

country: "IT" ,

categories: NULL

} ,

thread: {

url: "https://bitbin.it/JIbUubiV/" ,

uuid: "2ab0386122c244d6a2e429f538e67c0a96f320f2" ,

title: "Ryuk 2.0 Ransomware" ,

full_title: "Ryuk 2.0 Ransomware - BitBin" ,

published: "2021-06-13T14:31:00.000+03:00" ,

site_section: "https://bitbin.it/" ,

section_title: "BitBin" ,

replies_count: 0 ,

participants_count: 1 ,

spam_score: 0.32 ,

main_image: ""

} ,

ord_in_thread: 0 ,

extended: {

external_links: [

"https://satoshi-box.com/pay/CCfMlo"

] ,

external_images: [ ] ,

external_videos: [ ] ,

file_links: [ ] ,

file_type: "html" ,

network: "openweb" ,

required_login: false

} ,

enriched: {

categories: [

"hacking"

] ,

persons: {

value: [

"ryuk"

] ,

count: 1

} ,

organizations: {

value: [

"lazarus group" ,

"aes"

] ,

count: 2

} ,

locations: {

value: [

"west"

] ,

count: 1

} ,

emails: {

value: [

"str******@ro.ru"

] ,

count: 1

} ,

phones: NULL ,

credit_cards: NULL ,

ssns: NULL ,

wallet_ids: NULL ,

ips: NULL ,

domains: {

value: [

"satoshi-box.com"

] ,

count: 1

}

} ,

crawled: "2021-06-13T15:41:08.550+03:00" ,

updated: "2021-06-13T15:41:08.550+03:00" ,

cache_link: "/dark-cache?token=a948bd43-9517-413c-a844-bc50be66d494&id=A5R8Llu2PYWDuBEkurW3clPFkDDUuz3nCUKyVB0d1-fr8W7Ys1noVPh_lfTIUvoj"

] ,

totalResults: 1 ,

moreResultsAvailable: 0 ,

next: "/cyberFilter?token=a948bd43-9517-413c-a844-bc50be66d494&format=html&ts=1623588068550&q=uuid%3A2ab0386122c244d6a2e429f538e67c0a96f320f2" ,

requestsLeft: 49301 ,

warnings: NULL

For more information, check out our Developer Hub which contains helpful Documentation, Video Tutorials, Use Cases and more

NOW MACHINES REALIZEThe Power of Knowledge

With Webz.io’s enriched and elastic Darknet API filters

Site Context
Get the full context with publication time, author, User ID and site info.
Extended Data
Never miss key data by viewing all files, images and videos.
Enrichments
Enrich your data feed with categories and entities, including IPs, domains, keywords,crypto addresses, email addresses, credit cards and more.

{

uuid: "4cf1dee756027361087b9ff1fb250e2f4c187a53" ,

author: [

"Foxprox"

] ,

author_extended: [

{

display_name: "Foxprox" ,

user_id: "236677" ,

user_link: "https://xss.is/members/236677/"

] ,

language: "russian" ,

site: {

name: "XSS" ,

is_live: true ,

domain: "xss.is" ,

type: "discussions" ,

country: "RU"

}

Site Context
Get the full context with publication time, author, User ID and site info.

{

uuid: "4cf1dee756027361087b9ff1fb250e2f4c187a53" ,

author: [

"Foxprox"

] ,

author_extended: [

{

display_name: "Foxprox" ,

user_id: "236677" ,

user_link: "https://xss.is/members/236677/"

] ,

language: "russian" ,

site: {

name: "XSS" ,

is_live: true ,

domain: "xss.is" ,

type: "discussions" ,

country: "RU"

}

Extended Data
Never miss key data by viewing all files, images and videos.
Enrichments
Enrich your data feed with categories and entities, including IPs, domains, keywords,crypto addresses, email addresses, credit cards and more.

See Webz.ioIn Action

Experience the True Power of
Machine-Defined Data

web data

HAVE AQuestion?

GET MORE HELP

The dark web, sometimes referred to as the darknet, is often used for illegal activities carried out by individuals operating in anonymity. These activities include the sale of stolen private data and hacking tools, including trading of vulnerabilities and exploits, announcements of new breaches, publications of hacking groups, such as DarkSide group, discussions of cyber tactics and techniques and more. Other illegal activities include exchange of drugs and weapons, the distribution of child pornography, and other criminal activities.

Yes. A key part of brand protection is the detection phase. By monitoring marketplaces, chat applications, and hacker forums on the dark web, you can find a variety of information that infringes on your brand’s intellectual property. For example, on marketplaces, you will be able to find leaked data of companies, their executives and employees, and counterfeit goods. On chat applications, you will also see leaked information such as account details, credit cards details of customers and employees.

Companies that look to protect their business are increasingly aware of the need to take a proactive approach and invest in upgrading their capabilities to detect and respond to external threats in the digital space. The threats that can be found on marketplaces and forums on the dark web include early indicators of future attacks, such as the sale of attack vectors like compromised credentials, vulnerabilities, cookies and others. You can also find discussions between hackers, hacking recruitments, ransomware developments and ready-made phishing pages. These activities expose organizations to various risks, including threats to physical assets, and digital assets, including domains, IPs, certificates and more.

Yes, we cover Telegram. We use automatic search engines to monitor millions of channels, groups, messages and even special events every day to track new illicit content. The content we regularly find include hacking, drugs and financial fraud.

Finding new sources is part of what we do at Webz.io. We developed powerful automated search engines, which use machine learning technology to adapt to each site we crawl, automatically classify the content, and transform it into a feed of illicit content only. In addition, our cyber analysts also continuously assess and add new sources to our data feeds and make sure we’re not missing anything. We can easily add new sources to our feeds so we encourage our customers to contact us if they spot a source they find.

Yes. You don’t have to take a risk and access the dark web, Webz.io does it for you. The data feeds you receive are not connected to the collection process. When you put a query in, you will receive text and links, all safe for use.

Dark web monitoring is an important tool in cybersecurity. It is used to monitor the parts of the internet that are not indexed, making them inaccessible on popular search engines or web browsers. Using dark web monitoring, individuals and organizations are able to keep their information safe and receive real time alerts in case of a breach which puts them, their assets, or their network in danger.

Early detection plays a key role in preventing and mitigating cyber attacks, ransomware, and even identity theft. Webz.io’s Dark Web Monitoring API crawls the depths of the dark web to collect and deliver customized and contextualized alerts in real-time.

The dark web is often used to conduct illegal digital activity, including the sale of private data such as credit card numbers and social security numbers (SSN), hacking discussions on real-time breaches of business domains, technical discussion on exploits, phishing and more. We also find conventional crimes on the dark web such as child pornography and human trafficking. Dark web monitoring can help you protect your information online, and prevent cybersecurity threats by monitoring and alerting you to breaches in real-time.

Webz.io’s Dark Web Data API alerts you each time a keyword you choose to monitor appears. These keywords can include your brand name, your website, your email address, or even entities such as a wallet ID or cryptocurrency.

Feed Your Machines
The Data They Need

Feed Your Machines The Data They Need