Darkside OSINT Repository

District 4 Labs is a data intelligence company focused on developing next-generation open-source intelligence (OSINT) tools. At the forefront of its offerings is DARKSIDE—one of the world’s largest repositories of breached data and other person-of-interest records. Built by investigators for investigators, DARKSIDE empowers professionals to conduct more effective and efficient investigations from tracing threat actors and identifying their online footprints to uncovering the individuals behind online accounts and their hidden connections. 

DARKSIDE is an essential asset in the modern intelligence toolkit. DARKSIDE is laser-focused on personally identifiable information (PII) and includes hacked databases, combolists, scraped datasets, compromised public records like voter records or traffic stop records, malware dumps, and more. DARKSIDE contains databases from all over the world from at least the past 20+ years, from Iranian bank breaches to Russian traffic stop records to Honduran voter records and much more. As long as a database contains PII, District 4 Labs will ingest and upload it to DARKSIDE. 

We intensively parse every database to ensure the extraction of everything from common identifiers like email addresses, usernames, names, and passwords to less common or sensitive identifiers such as passport numbers, license plate numbers, account creation dates, and much more. Investigators and analysts can search by email address, username/alias, name, password, IP address/CIDR, domain, phone number, and more. The data has been indexed to allow for flexible searching via wildcards, strictness parameters, and even complex searches by multiple identifiers at the same time. By pivoting on newly-found identifiers, users can reveal additional identifiers and accounts associated with a person of interest that were previously unknown. Breached credentials are especially pivotal in the investigation of threat actors because even individuals with strong operational security (OPSEC) make small mistakes like reusing email addresses, usernames, or passwords across different platforms. Historical databases from older accounts, created before a person of interest adopted rigorous OPSEC techniques, can often reveal additional identifiers or patterns in username or password selection.