Post Filters
Use case | Query |
---|---|
Search for posts that indicate illegal activity in darknet marketplaces | text:"Selling credit card" AND site.type:market |
Search for mentions of an organization in a specific site | title:”ACME Resorts” AND site.domain:raidforums.com |
Search for content in a specific language on a darknet message board or forum | (language:russian site.type:discussions |
Search for content that was published in a certain time frame from a specific source | site.name:4chan (published:>1596240000000 published:<1599550000000) |
Search for posts that include routers' default gateway IP (might indicate a cyber risk ) | enriched.ip.value:(127.0.0.1 OR 192.168.0.1 OR 10.0.0.1) |
Thread Filters
Use case | Query |
---|---|
Searching for a group/channel in one of the chat networks | thread.url:"https://t.me/Fullz" |
Searching for posts from a specific section in the site | thread.site_section:"https://raidforums.com/Forum-Databases" |
Searching for a thread with a specific topic and a minimum count of participants and comments | thread.title:"openbullet" thread.participants_count:>5 thread.replies_count:>10 |
Extended Filters
Use case | Query |
---|---|
Searching for external links on sites with specific suffixes | extended.external_link:*.onion |
Searching for content related to drug trafficking in login-protected sites | extended.required_login:true enriched.category:drugs |
Filter by network | extended.network:telegram |
Enriched Filters
Use case | Query |
---|---|
Filter by category | enriched.category:financial |
Searching for mentions of emails from a specific domain | enriched.email.value:*@acme.com |
Searching for specific phone values | enriched.phone.value:*15159992896 |
Searching for credit card leaks | enriched.credit_card.count:>5 enriched.category:pii |