ShadowDragon develops digital tools that simplify the complexities of modern investigations that involve multiple online environments and technologies. Developed by seasoned cyber investigators, these solutions strengthen the capabilities of in house teams by enabling the easy and safe collection, correlation and verification of diverse artifacts on the open, deep and dark web.
ShadowDragon tools were first developed by its sister cyber security company, Packet Ninjas. For nearly decade Packet Ninjas refined these applications for their own use in multi-national cases involving everything from cyber intrusions and corporate espionage, to advanced attribution and real time situational awareness. ShadowDragon was established in 2015 to license the tools to customers.
Unleash your OSINT and push the envelope.
The best OSINT data, on your terms.
Purpose-built for investigations
Quickly create manual graphs or explore your investigativedatasets with purpose-built transforms through your browser.
Full data access
ShadowDragon’s SocialNet and MalNet APIs or Shodan.io.
Cloud-based access means you can swiftly deploy access where you need it for on-the-ground investigations or team collaboration needs.
Unparalleled speed for unencumbered investigations and easy data storytelling at a moment’s notice
Encrypted data at rest and two-factor authentication, so your case files remain secure
Designed for Investigations of Any Scale and Speed
Nothing should stand in the way of your objective, especially your link analysis platform. Horizon’s browser-based link analysis lets you do investigations your way. Easily create graphs to explore your hunches or dive deeply into data
Anti-Malware Investigations & Response
MalNet brings together the industry’s most extensive malware threat information from Proofpoint ET Intelligence with Maltego link analysis capabilities from ShadowDragon. MalNet enables incident responders, threat analysts and law enforcement to identify and visualize malware connections in just seconds to expedite investigations, response, and malware protection.
ClearSky and Trend Micro exposed CopyKittens as an active cyber espionage actor who has targeted governments and large companies in the United States, Europe and Middle East. MalNet was used to help identify an infrastructure that used known malware and newly uncovered code and tools.
From 2016 – 2017, attackers used malware in continual attempts to breach IEC – Israel’s largest source of electrical power. Clearsky Security is investigating the attribution behind these attacks, using MalNet to support their process and attribute artifacts.