The search engine of deep web and cybersecurity.

See how ThreatHose works.

Request Demo

SOCRadar opens the door of the deep web in a secure and easy way. Search on the deep web hacker forums, digital assets (IP addresses, domains, etc.), hashes, or any keyword mentioned in the deep web sites without any subscription or providing personal data in a secure environment. SOCRadar’s ThreatHose is the peeping hole to the deep web.

We’ve got you covered


Data breaches

Deep web

Paste sites

Hacker forums




and more...

Big Threat-Share Data Search

Get important threat information securely

Get up-to-date data feeds about cybersecurity news, IoC/feed data, deep web information. Search for;

  • Your own assets (domain, IP address)
  • Suspicious IP address or a domain used by a specific threat actor
  • Information in the IRC, Telegram, Discord, and ICQ channels used by hacker

Threat hunting with advanced search capabilities

With its advanced search capabilities, ThreatHose enables users to execute threat hunting on a common threat-share platform.

Learn trending TTPs and APT threat groups

ThreatHose is a great tool to get trends about threat actors such as APT groups and their tactics, techniques, and procedures (TTPs) that can be used with MITRE ATT&CK framework.


ThreatHose can provide coherent protection with integrations with SOAR, firewall, SIEM, and EDR.

More SOCRadar modules

SOCRadar combines external attack surface management, digital risk protection, and threat intelligence capabilities to improve your security posture.