MSP Dark Intel API Platform

Interactive API Documentation

Comprehensive API playground for searching compromised data from infostealer malware, ULPs (User Login Profiles), and public data breaches. Test endpoints, explore parameters, and integrate our powerful dark web monitoring capabilities into your applications.

Authentication

Enter your API key to test the endpoints. Contact [email protected] to get your API credentials.

X-MSPDARKINTEL-TOKEN

Available Endpoints

Search malware logs using custom queries and filters. Results sorted by upload date (newest first).

GET /api/v1/search_infostealer_data

Purpose: Search through compromised credentials from infostealer malware

Data includes: Email addresses, passwords, URLs, domains, compromise dates, malware families

Request Parameters

Configure your API request parameters

Query (Required)

Search term (domain, email, password, etc.)

Fields to Search

Leave empty to search all fields

Results per page

Page

Date Field

Start Date

End Date

Search After Date

Cannot be used together with Start/End Date filters

Test the API with your configured parameters

Generated cURL Command

Ready-to-use command for terminal execution

curl -X GET "https://api.mspdarkintel.com/api/v1/search_infostealer_data?query=example.com" \
  -H "X-MSPDARKINTEL-TOKEN: YOUR_API_KEY" \
  -H "Content-Type: application/json"

API Response

Live response data or example output

JSON Response

{
  "total": 7161,
  "hits": [
    {
      "date.upload": "2025-05-12T15:18:48.349287573Z",
      "credshash": "d199ffa689e471f7bc968b1b9a7cea12",
      "password": "********",
      "date.compromise": "2025-01-27T00:00:00.000Z",
      "host.country": "Zimbabwe",
      "email.domain": "example.com",
      "url.path": "http://www.bank.skillsbook.com.au",
      "meta_id": "79bd9f8bc112a258c35f5fd2b5bb25de",
      "stealer.family": "LummaC2",
      "email.address": "user1@example.com",
      "url.domain": "www.bank.skillsbook.com.au",
      "hash": "48b3775e87d702ebfd53b86b4da8e6e9"
    }
  ],
  "search_after": [
    1747063121399
  ],
  "warning": "This query matched 7161 results, but only the first 5000 can be retrieved (maximum 500 pages). Please refine your search criteria if needed.",
  "current_page": 1,
  "total_pages": 500
}

Response Format

Understanding the API response structure

Common Response Fields

total
- Total number of results
hits
- Array of result objects
current_page
- Current page number
total_pages
- Total pages available
search_after
- Pagination cursor

Error Handling

400
- Bad Request (invalid parameters)
401
- Unauthorized (invalid API key)
422
- Validation Error
500
- Internal Server Error