Labs

Known Networks

Powerful & Unique Network Analysis

Known Networks® Web Services offers a platform for building innovative network information solutions and services based on our vast repository of information about global networks and the structure of the internet. It allows developers, researchers, security analysts, and insider threat specialists to incorporate information about existing and identified networks directly into their products and services. Users can access network ranges, tenant organizations, types of services provided, and a wide variety of other functionality and data. It’s also customizable and extensible, allowing users to add information about customers networks and comment on network ranges.

JediBadger

Easy-to-Use Threat Intelligence Feed

The JediBadger data feed enables clients to create their own threat intelligence feed. The JediBadger repository provides information on over 300 million malicious entities worldwide, spanning two years of complete historical coverage.

Shadow Warrior

Anonymous Proxy Network Feed

Shadow Warrior was created to counter widespread blocking of anonymous proxy traffic, organizations’ implemented hidden bridges, as well as unannounced entryways into the anonymous proxy network. These hidden bridges are always changing, while remaining unpublished, and unlisted; there is less than a 1% overlap with publicly available bridges. While intended for dissidents in areas ruled by oppressive regimes (such as Iran & Syria), these hidden bridges function incredibly well for data exfiltration. Other commercial lists only detail advertised anonymous proxy nodes, but the Shadow Warrior Data Feed actively acquires hidden bridges.

PhishFry

Phishing Data APIs

PhishFry enables organizations of any size to proactively identify – and defend – against potential ransomware threats. This dynamic threat intelligence feed provides network address spaces and domain names that are either suspected of, or confirmed as, being involved with the distribution or command and control of ransomware scripts/code. The network addresses/domains can be used to perform preemptive blocking of ransomware actors, or used retroactively to enrich/give context to “after the fact” analysis.