DarkPulse
DarkPulse Live Intelligence Console
DP
admin Administrator
Automation One-Click Intelligence Update

Start a hidden fast sync. Cached records stay visible while new dated intelligence is added to MongoDB.

Original intelligence text

Overview
01
Command Center Impact map and live hotspots
02
Live Feed All restored intelligence items
Intel Streams
N
News Security reporting and advisories
L
Leaks Breach tracking, disclosures, dumps
D
Defacement Targeted website defacement activity
E
Exploits Weaponized exploits and PoCs
S
Social Forum and channel monitoring
A
API Tools Collected API outputs and scanners
Lookup & Exposure
PK
National Identity Entity and phone lookup workflow
CC
Credential Checker Search local stealer-log JSON datasets
CD
Confidential Data Guarded review for sensitive document evidence
SO
SEO Checker Full report for website audits
RS
Repository Scan GitHub vulnerability analysis
App & Software Scans
PS
Play Store Search for modded APK versions
PC
PC Game Scan Search for PC games and mods
Operations
HM
Healing Monitor HTML drift, selector breakage, auto-fix status
LS
Leak Sources Every leak script, Mongo docs, and crawl result
DC
Documentation Guides, features, workflows, and operating notes
AC
Account Profile and system settings
U
Users Approval and access management

DarkPulse Live

Command Center

Leaks and defacement activity are highlighted in red with restored MongoDB data behind the feed.

/ Routing semantic search...
Connected Updated just now
Automation Idle

No intelligence update is running

Press Scan Now to run a headless background sync while existing dashboard records stay available.

Total 0
News 0
Leaks 0
Defacement 0
Exploit 0
Social 0
API 0
Affected Countries 0
Leak Coverage 0
Deface Coverage 0
Credential Matches 0
Credential Files 0
Confidential Findings 0

Global Impact Map

Countries hit by leak and defacement activity

Affected regions are highlighted in red across the live heat map, with the active country and leak total rotating automatically from the restored dataset.

Affected Countries 0
Leak Coverage 0
Defacement Coverage 0
Country Loading... Leaks 0
Affected Countries Leak / Defacement
Latest Activity Click to inspect full JSON

Feed

Restored intelligence feed

0 results loaded
Active Filters No feed filters applied.

Semantic Route

Searching restored intelligence

DarkPulse will route your query into the most relevant intelligence stream and show stored matches from the local system.

No matching records

Try a different search term or switch to another intelligence stream.

Administration

User Management

Access Requests and Analysts

Approve pending users, reject invalid requests, and manage analyst access from one place.

Name Username Email Role Status Actions

Password Recovery Queue

Operators can request access recovery from the login page. Review the request, contact the analyst, and mark it handled here.

Requested By Identity Message Status Created Actions

Lookup

National Identity Search

Export Lookup Download the current identity lookup result set.

Exposure Review

Credential Checker

Saved server files inside data/credential_checker load into Mongo automatically. Search reads backend data on localhost:9000; upload is only optional.

Export Exposure Review Download the current redacted credential-checker search result set.
Search Elapsed 0 ms
Results 0
Hosts 0
Matched Files 0

Restricted Review

Confidential Data

Sensitive Evidence

Masked payment and credential exposure review

This tool is for authorised defensive analysis only. Sensitive values are masked and raw secrets are never displayed or stored.

Local file analysis

Upload .txt, .csv, .json, or .log files. Processing happens locally on this server at runtime; uploaded files are not saved permanently.

Detected records are only potential matches and must be verified by an authorised analyst. CVV, passwords, tokens, and card values are redacted before rendering.

Elapsed 0 ms
Findings 0
High Risk 0
Export Masked Findings Exports contain masked values and detection metadata only.
Record ID Detected Type Masked Value Card Brand Guess Expiry Date Detection Confidence Risk Level Status Timestamp Actions
Upload a local file to begin masked defensive analysis.

Digital Footprint

SEO Analysis Tool

Export SEO Report Download the latest SEO analysis as JSON or PDF.
Security Posture

Report for ...

Snapshot of core endpoint metadata and scan context.

- Analysis
Target URL -
Host -
Port 443
TLS Status Ssl Enabled
Scanned On -
Scanned By DarkPulse Intelligence

AI Recommendations

SEO Audits Findings (0)

Digital Forensics

Playstore Scanner

Checks for cracked key signals for the provided Play Store URL.

Export Playstore Scan Download the current Playstore scanner result set.
API TYPE cracked
TOTAL RESULTS 0
QUERY -

Digital Forensics

PC Game Scan

Checks for cracked mirrors of known softwares.

Export PC Game Scan Download the current PC game scan result set.
API TYPE software
TOTAL RESULTS 0
QUERY 1 -

Security Posture

Repository Scan

Export Repository Scan Download the latest repository posture report as JSON or PDF.
Vulnerability Analysis

Report for ...

Trivy scan results for the provided repository.

- Scan
Target URL -
Risk Score 0
Findings -
Status Complete
Scanned On -
Scanned By DarkPulse / Trivy

How to Reach A

Vulnerabilities Findings (0)

Self-Healing Scrapers

Healing Monitor

Monitor HTML drift across collector scripts

DarkPulse stores baseline HTML, detects structure changes, tests selector health, and suggests fixes when a page drifts.

How It Works

Why the monitor shows fewer targets than total backend scripts

Loading...

Healing discovery scans collector script folders, skips framework files, ignores utility modules without a target URL, and keeps only real monitorable web targets.

Python Files 0
Skipped Infra 0
Utility / No URL 0
Actual Targets 0
Default Run Limit 0
1. Discovery Script folders are scanned

The monitor checks leak, news, exploit, defacement, social, and API collector folders.

2. Filtering Only real web targets are kept

Files like __init__.py, main.py, and utility helpers are excluded from target discovery.

3. Monitor Run HTML snapshots are compared

Each run fetches target pages, stores a new HTML snapshot, compares drift, and checks selector health.

Utility files without target URLs will appear here once discovery stats load.
Monitor ready.
Total Scripts 0
Healthy 0
No Data 0
Unreachable 0
HTML Changed 0
Repair Ready 0
Needs Review 0
Collector Breakdown 0 collectors
Per-Script Health 0 scripts tracked
Script Collector Domain Data Status Live Drift Selectors Last Checked Actions
Loading healing monitor...
Monitored Target Detail Select a script to inspect
Select a script to inspect baseline snapshots, latest HTML drift, failed selectors, and repair suggestions.
Recent Events 0 recent healing events

Leak Pipeline

Leak Source Status

Track every script inside leak_collector/scripts/leak, see whether it has pushed documents into Mongo, and confirm what is already visible on localhost.

Mongo-backed visibility for every leak script

Scripts with Mongo documents are already eligible to appear in Leak Feed and Live Feed on localhost:9000. Empty, unreachable, and import-error rows show what still needs fixing.

Loading leak source status...
Scripts 0
With Data 0
Mongo Docs 0
Ingested 0
Unreachable 0
Needs Work 0
Script Alias Status Mongo Docs Last Run Target Host Last Error
Loading leak source status...

Operator Manual

DarkPulse Documentation

Quick Start Access and Auth Command Center Semantic Search Scanners Healing Monitor Admin Operations

DarkPulse Manual

Threat intelligence, scanning, translation, search, healing, and operator workflows in one local console.

This page documents the features already implemented in DarkPulse so analysts and admins can move through authentication, feeds, scanners, automation, 2FA, healing, and recovery flows without guesswork.

Live Intelligence Feed One-Click Scan Semantic Search Translation Healing Monitor 2FA Access

Access and Authentication

DarkPulse supports approved-user login, access requests, approval guidance, 2-factor authentication, OTP verification, and an operator-visible password recovery workflow. First-time 2FA setup shows a QR code. Later sign-ins require OTP only. Forgot-password requests are recorded for admin review inside the local system.

  • Sign in with approved username and password.
  • Request analyst access from the login screen.
  • Open the approval workflow page to understand how access is granted.
  • Submit a password recovery request when account access is lost, then let an administrator review it from the recovery queue.
  • Use authenticator-based OTP for 2FA-protected accounts.

Command Center and Feeds

The Command Center is the operator launch surface. It combines automation status, source counters, global impact mapping, and routing into detailed feeds. Analysts can jump directly into News, Leaks, Defacement, Exploits, Social, and API/Tools from the sidebar.

Live Feed

Unified restored records with screenshots, evidence links, categories, entities, and raw JSON available in the detail modal.

One-Click Intelligence Update

Manual orchestration for news, leaks, social, and defacement with live dashboard state and result summaries.

Alert Summary

Per-source scan completion, new records, and delivery summary after each intelligence update.

Translation and Review

Translate the current view or an opened detail modal into another language, then return to the original source text instantly.

Semantic Search

The global header search is designed to behave like an intelligence search, not just a literal string filter. When a query is entered from the Command Center, DarkPulse analyzes the query, estimates the most relevant stream, and routes the operator into the feed with matching intelligence. If there are no matches, the feed shows a clear no-result state.

  • Works with simple actor or topic terms like bitcoin, anubis, telegram.
  • Supports multi-term searches like iran vs israel and routes to the most relevant stream.
  • Matches title, summary, description, categories, entities, IPs, actors, teams, URLs, and stored source text.
  • Use the global header search and press Enter from the Command Center to route into the best matching intelligence stream.

Scanners and Operator Tools

DarkPulse includes multiple scanner workflows alongside the core intelligence feeds.

Credential Checker

Searches local stealer-log JSON files and shows redacted exposure matches, source files, dates, and host context.

Confidential Data

Guarded review panel for highly sensitive document evidence, with metadata and withheld preview handling.

SEO Checker

Website posture report, grade output, audits, and AI/fallback recommendations.

Playstore Scanner

Checks for modded APK signals from a Play Store URL.

PC Game Scan

Looks for cracked or mirrored PC game/software results.

Repository Scan

Trivy-backed repo posture grading with findings and remediation guidance.

National Identity

Local connected-DB lookup for CNIC or phone-based result retrieval.

Healing Monitor

The healing system stores HTML snapshots for collector targets, checks selector health, detects page drift, and flags scripts as healthy, changed, repair-ready, or needing review. It is built for controlled recovery, not blind rewrites.

  • Target discovery from collector scripts.
  • Historical HTML snapshots per script target.
  • Selector drift detection and status history.
  • Repair suggestions for broken extraction paths.
  • Operator visibility on what changed and what needs review.

Admin Operations

Admins can approve users, manage 2FA, trigger healing scans, run intelligence updates, and review the local dashboard state. Security-sensitive values like GitHub tokens should stay in .env only and never be committed into source files.

Operator note: use the Documentation page as the local operating reference when onboarding new analysts into DarkPulse.

Profile Settings

Account Details

DP

Admin Profile

Account details and preferences.

Version 1.0.0

Profile

Manage profile identity and assigned access.

Preferences

Security and appearance settings.

2 Factor Authentication

Disabled

Theme

Dark Mode

DarkPulse
DarkPulse Authenticate to the live console

Threat Intelligence Access

Access the DarkPulse console

Sign in to monitor leak activity, track adversaries, run scans, and manage the restored DarkPulse workflow from one local command surface.

Local-first 2FA ready Approval workflow
Create account Need approval? Forgot password?

Request access

Submit your analyst access request. An administrator can review and approve it from the DarkPulse user management panel.

Back to login

Recover access

Enter your username or email. DarkPulse will record a reset request for administrator review inside the local system.

Back to login

Approval workflow

If your account is not approved yet, use this workflow so an administrator can review and activate it properly.

01

Create an account with your full name, email, and analyst username.

02

Wait for admin review in the DarkPulse User Management section.

03

Once approved, sign in normally. If 2FA is enabled, DarkPulse will ask for OTP.

Open access request Back to login

Verify your identity

Enter the 6-digit code from your authenticator app to finish signing in.

2FA setup QR code
-

Scan the QR code once, or enter the secret manually in your authenticator app.

Back to login

Threat Intelligence Platform

DarkPulse mark

DarkPulse Intelligence

Operational visibility for leaks, ransomware signals, defacement evidence, hostile channels, semantic routing, and collector healing.

Adversary Tracking

Correlate actors, victim mentions, and restored evidence inside one console.

Collector Healing

Monitor HTML drift, selector health, and repair readiness before feeds break.

Analyst Workflow

Route search semantically, translate records, and review screenshots locally.

Leak Watch Exploit Correlation Dark Web Signals Collector Healing
DarkPulse
Command Center Leaks Defacement Social Intel Documentation
326Social
1520Leaks
9604Exploit
Threat Intel Iran-linked Microsoft 365 targeting surfaced

DarkPulse semantically connected this reporting to ransomware coverage, actor references, and linked campaign evidence already restored inside the local console.

Leaks Ransomware Defacement Threat Intel
Active intelligence sweep

Restored feeds, collector health, and evidence surfaces stay visible in one live command view.

0% DarkPulse

Authenticating

Signing in to DarkPulse

Verifying your credentials and preparing the live console.

Checking username and password...


        

      


      

        
        
        
        Open Source
      

    

  


  

    

      

        

          
Masked Finding

          

        

        
      

      

        
Confidential Finding

        

        

        

          
          

        

        

          
          

        

        

          
          

        

        

          
          

        

      

      

        
      

    

  


  

    

      

        

          
DarkPulse Evidence Viewer

          
Evidence image

        

        
      

      

        Evidence image
      

      

        Open Original
      

    

  


  

    

      

        

          
DarkPulse Feed Filters

          
Date Range and Topic Routing

        

        
      

      

        
Filter feed sections

        
Apply one set of filters across the live feed tabs like News, Leaks, Defacement, Social, Exploit, and API.

        

          

            
            
          

          

            
            
          

        

        

          
          
          
            
            
            
            
            
            
            
            
            
          
        

        
No feed filters applied yet.

      

      

        
        
      

    

  


  
  

  

    

      

        
          
        
        

          DarkPulse AI
          Qwen 3 · MongoDB Intelligence
        

      

      

        
        
        
      

    

    

      

        

          
        

        
DarkPulse Intelligence

        
Ask about threat actors, leaks, CVEs, ransomware campaigns, or any topic in the local MongoDB.

      

    

    

      
      
    

  


  

    

      

        
Connection Settings

        
      

      

        

          
          
        

        

          
          
        

        

      

      

        
        
      

    

  


  

    

      

        

          
Arya Notification

          
Latest Scan Summary

        

        
      

      

        
Scan Summary

        

        

        

          
          

        

      

      

        
      

    

  


  

    

      

        

          
DarkPulse Language Relay

          
Translate Current View

        

        
      

      

        
Choose a language

        
Translate the current results into another language without leaving the dashboard.