Inspiration
The rise of sophisticated cyber threats and the growing use of the dark web for illicit activities inspired me to build a platform that empowers security teams to proactively defend their organisations. We want to translate complex underground threat data into simple, actionable alerts, empowering users to find and stop threats faster.
What it does
- Monitors & Collects Data: Continuously scans dark web forums, marketplaces, and other sources with custom scrapers, while also allowing users to integrate their own data feeds.
- Identifies & Prioritizes Threats: Leverages a machine learning model to analyze the collected data, automatically identifying and ranking emerging threats. Users can filter results by date.
- Explains & Guides Action: Features SENTINEL, an AI-powered virtual assistant that provides clear, easy-to-understand explanations for each threat and generates concrete steps for mitigation. Clicking on "More Info" shows the sources and information about the threat from YouTube videos, articles, blogs, etc.
- Visualizes & Reports: Presents real-time threat summaries and context on a centralized dashboard and generates on-demand PDF intelligence briefs for reporting and sharing.
How we built it
- Backend: Python FastAPI for the API, with modular scrapers targeting forums and marketplaces, and a machine learning model for threat detection.
- Frontend: React + TypeScript dashboard with Tailwind CSS for a modern UI, including attractive visualisations and interactive threat cards.
- Integrations: LiteLLM integration for AI Assistant, PDF generation for intelligence reporting, and API endpoints for workflow integration.
- DevOps: Dockerized services.
Challenges we ran into
- Ensuring reliable scraping from constantly changing dark web sources.
- Training the ML model to minimize false positives and adapt to new threat patterns.
- Designing a responsive UI that balances rich context with usability.
- Handling secure PDF generation and export without leaking sensitive data.
Accomplishments that we're proud of
- Achieved robust, scalable scraping and threat detection with minimal manual intervention.
- Built a dashboard that security analysts genuinely enjoy using.
- Integrated Sentinel, a virtual assistant, and PDF export, streamlining the intelligence workflow.
- Created a modular system that can be extended to new sources and threat types.
What we learned
- The importance of modular, resilient code when dealing with unpredictable data sources.
- How to fine-tune ML models for real-world, imbalanced datasets.
- The value of user feedback in shaping both backend and frontend features.
What's next for Dark-Web Sentinel
- Expanding coverage to more dark web sources and languages.
- Enhancing the AI model with continuous learning and user feedback loops.
- Adding automated alerting and playbook-driven response actions.
- Deeper integrations with SIEM/SOAR platforms and enterprise security tools.
Built With
- beautiful-soup
- docker
- fastapi
- framermotion
- gemini
- litellm
- npm
- praw
- python
- pytorch
- react
- reportlab
- tailwind
- transformers
- typescript
- uv
- uvicorn
- vite