Prescient leverages proprietary investigative tools, industry-leading monitoring technology, and a proprietary database including over 40 billion records to mitigate risks posed by data breaches and adversarial actors. We offer dark web intelligence in the form of assessments, monitoring, and direct access to our proprietary datasets via API.

Sources Include:

  • Cyber black markets: Underground e-commerce websites used for trading illegal goods, including malware, cyber-attack tools, access to compromised networks, and PII.
  • Hacker communities: Forums/groups that contain leaked/stolen digital assets and PII, as well as information regarding hackers’ Tools/Tactics Techniques and Procedures (TTPs) and malicious intentions.
  • Dark Web search engines and directories: Search engines/directories that work exclusively in the Dark Web to map cyber black markets and other web locations.
  • Paste sites: Websites that are often used by hackers to publish leaked credentials and other data sets stolen from compromised networks.
  • In-house leaked credential repository: Our constantly growing in-house repository includes billions of credentials we identified in different Deep Web locations and closed hacker forums.


We leverage one of the world’s largest breached credential and compromised PII repositories in the world. With over 40 billion records and millions of new records added daily from deep and dark web sources around the globe, our data is truly at the cutting edge of cyber threat intelligence. This data is essential for any online investigation, especially those involving adversarial or anonymous threat actors, as well as tracking an individual or company’s breach exposure / account takeover (ATO) risk.


To provide crucial insight into a client’s dark web exposure, our team is adept at navigating and collecting from hacker and political extremist groups, black markets, messaging platforms like Telegram and Discord, paste sites, leaked credential repositories, dark web blogs, forums, and message boards, among others.


We begin with identifiers provided by the client (name, home address, email, company domain, etc.) and then conduct research to discover additional identifiers including IP addresses, usernames used on social media sites and forums, passwords, additional emails, etc. We then search for any references to the client to include identifying “hacktivist” campaigns, targeted malware, insider threats, PII (freely traded or for sale in marketplaces), and more. This service can be provided on a one-time basis or as a managed service.

Contact Prescient