Getting Started
Welcome to the NordStellar Dark Web API documentation! This guide will help you integrate our powerful security solutions into your applications and services.
Overview
The NordStellar Dark Web API provides comprehensive access to our data breach intelligence platform, enabling organizations to integrate real-time security monitoring and alerting capabilities directly into their existing infrastructure. This API allows you to proactively protect your users by detecting when their sensitive information has been compromised in data breaches across the internet.
Key Features
- Real-time Breach Monitoring: Receive immediate notifications when user data appears in newly discovered data breaches.
- Zero-Knowledge Architecture: Search for compromised sensitive data (credit cards, national identification numbers) using secure hash-based methods that never transmit the actual sensitive information.
- Comprehensive Data Sources: Access intelligence from multiple sources including corporate data breaches, malware infection logs, and stolen credential lists.
- Flexible Integration Options: Support for webhook notifications, bulk operations, and subscription management to fit your organization's unique requirements.
- Enterprise-Grade Security: Secure authentication methods, rate limiting, and quota management to ensure responsible and controlled API usage.
Data Sources
Our Dark Web API gathers intelligence from three main sources:
Data Breaches
Publicly disclosed data breaches from various websites and online services. Data breaches may contain up to 60 different data points, including email addresses, passwords, names, addresses, and more.
Malware Infections (Infostealers)
Data extracted from devices infected with information-stealing malware. This includes credentials, cookies, autofill data, files, and more. Our API currently monitors 30+ different infostealer types that target various assets.
Credential Lists (Combo Lists)
Aggregated lists of compromised credentials circulating on the dark web and other forums. These lists typically contain email and password combinations that are used in credential stuffing attacks.
Getting Started
To start using the NordStellar Dark Web API, follow these steps:
1. Obtain API Credentials
Contact your account manager to receive API credentials. Depending on your integration needs, you'll receive either:
- Basic authentication credentials (username and password)
- An API key for most endpoint access
2. Choose Your Integration Method
The API supports several integration methods:
- Direct Data Lookup: Query for specific assets (email addresses, phone numbers, domains)
- Zero-Knowledge Lookups: Search for sensitive data like credit cards or national identification numbers without transmitting the actual values
- Subscription-Based Monitoring: Set up continuous monitoring for specific assets with webhook notifications for new breaches
3. Review API Rate Limits and Quotas
The API uses rate limits to ensure fair usage across all customers:
- Rate limits restrict how many requests you can make per second/minute
- Quotas define the total number of requests allowed in your subscription period
Each API response includes headers with your current limit and remaining quota information:
X-RateLimit-Limit/X-RateLimit-Remaining: For per-minute rate limitingX-Quota-Limit/X-Quota-Remaining: For overall usage quotas
4. Set Up Your Development Environment
To effectively work with the API, we recommend:
- Using an API client like Postman for initial testing
- Implementing proper error handling in your code
- Setting up monitoring for your quota usage
Next Steps
Now that you understand the basics, you can explore:
- Authentication - Learn about authentication methods and token management
- Use Cases - Discover common integration patterns and scenarios
- Data Categories - Understand the different types of data available
- API Reference - Explore the complete API endpoint documentation
Need Help?
If you encounter any issues or have questions, contact your account manager or our technical support team.