ThreatPipes Logo

Case Studies

Read how some of our existing customers use ThreatPipes

About ThreatPipes

ThreatPipes is a reconnaissance tool that automatically queries 100’s of data sources to gather intelligence on IP addresses, domain names, e-mail addresses, names and more.

You simply specify the target you want to investigate, pick which modules to enable and then ThreatPipes will collect data to build up an understanding of all the entities and how they relate to each other.

DNS, Whois, Web pages, passive DNS, spam blacklists, file meta data, threat intelligence lists as well as services like SHODAN, HaveIBeenPwned? and more are used to find out more about a target and its known affiliates.

ThreatPipes follows chains of intelligence to uncover other threat indicators with a relationship to your original target. For example, a domain entered in a scan might resolve to SSL certs, email addresses, IPs and so on.

The data returned from a ThreatPipes scan will reveal a lot of information about your target, providing insight into possible data leaks, vulnerabilities or other sensitive information that can be leveraged during a penetration test, red team exercise or for threat intelligence.


Below are just a handful of example use-cases how our customers use ThreatPipes.

  • Automated Incident Handling: See how ThreatPipes is used to defensively to monitor your perimeter and to identify potential breaches.
  • Exposing Compromised Assets: See how ThreatPipes is used to expose weak links in your organisation that attackers can leverage.
  • Identifying Vulnerabilities: See how ThreatPipes is used offensively to uncover assets in your network that are susceptible to being exploited.


Want to see more? Watch this short demonstration of ThreatPipes.