Integrate threat intelligence directly into your applications with our powerful REST API.
Create an account and generate your API key from the dashboard.
Send authenticated requests to our REST endpoints.
Receive structured JSON responses with intelligence data.
import requests
API_KEY = "sk_live_..."
BASE_URL = "https://socialeye.net"
# Resolve a handle
def resolve_handle(handle):
response = requests.post(
f"{BASE_URL}/api/resolve",
headers={
"Authorization": f"Bearer {API_KEY}",
"Content-Type": "application/json"
},
json={"handle": handle}
)
return response.json()
# Search breach databases (Operative+)
def search_breaches(search_type, term):
response = requests.post(
f"{BASE_URL}/api/database/search",
headers={
"Authorization": f"Bearer {API_KEY}",
"Content-Type": "application/json"
},
json={"type": search_type, "term": term}
)
return response.json()
# Search stealer logs (GOD tier only)
def search_stealer_logs(search_type, term):
response = requests.post(
f"{BASE_URL}/api/stealer-logs/search",
headers={
"Authorization": f"Bearer {API_KEY}",
"Content-Type": "application/json"
},
json={"type": search_type, "term": term, "limit": 50}
)
return response.json()
# Example usage
breaches = search_breaches("email", "[email protected]")
print(f"Found {breaches['data']['found']} breach records")All API requests require authentication via Bearer token. Include your API key in the Authorization header of every request:
Security Note: Never expose your API key in client-side code. Always make API calls from your backend server.
/api/resolveResolve a handle/username to associated profiles, breach data, and stealer logs
{
"success": true,
"data": {
"target": { "handle": "johndoe", "x": {...}, "instagram": {...} },
"intelligence": { "former_usernames": [...] },
"stealer_logs": { "total_found": 3, "results": [...] },
"quota": { "remaining": 499, "limit": 500, "tier": "OPERATIVE" }
}
}/api/database/searchSearch breach databases for exposed credentials and personal data
{
"success": true,
"data": {
"found": 15,
"databases": 3,
"elapsed": "0.234s",
"results": [
{
"id": "...",
"email": "[email protected]",
"password": "••••••••",
"source": { "name": "breach_2023", "date": "2023-06-15" }
}
]
}
}/api/stealer-logs/searchSearch stealer logs for compromised credentials (GOD tier only)
{
"success": true,
"data": {
"count": 12,
"elapsed": "0.156s",
"results": [
{
"id": "log_abc123",
"data_type": "stealerlog",
"origin": "https://example.com/login",
"login": "[email protected]",
"password": "exposed_pass",
"time_ingested": "2024-01-15T10:30:00Z",
"source": { "channel_name": "...", "platform": "telegram" }
}
],
"pagination": { "next": { "offset": 35, "limit": 35 } }
}
}/api/stealer-logs/file/[id]/[type]Browse detailed contents of a stealer log (GOD tier only)
// Example for type=credentials:
{
"success": true,
"data": {
"count": 45,
"credentials": [
{ "origin": "https://bank.com", "login": "[email protected]", "password": "...", "file": "..." }
],
"pagination": { "next": { "offset": 20, "limit": 20 } }
}
}
// Example for type=cookies:
{
"success": true,
"data": {
"count": 120,
"cookies": [
{ "domain": ".google.com", "name": "session", "value": "...", "expires": 1735689600 }
]
}
}
// Example for type=system:
{
"success": true,
"data": {
"high_risk": [{ "key": "IP Address", "value": "192.168.1.1" }],
"info": { "OS": "Windows 10", "Username": "victim_user" }
}
}/api/historyRetrieve your search history
{
"success": true,
"data": [
{
"id": "...",
"query": "johndoe",
"timestamp": "2024-03-20T10:00:00Z",
"summary": { "profiles_found": 2, "breaches_found": 5 }
}
]
}/api/auth/meGet current account information and tier
{
"success": true,
"data": {
"id": "user_...",
"email": "[email protected]",
"plan": "OPERATIVE",
"quota": { "used": 10, "limit": 500 }
}
}/api/settings/api-keyGet API key status and settings
{
"success": true,
"data": {
"key_preview": "sk_live_...abcd",
"created_at": "2024-01-01T00:00:00Z",
"last_used": "2024-03-20T10:00:00Z"
}
}/api/settings/api-keyGenerate or regenerate API key
{
"success": true,
"data": {
"api_key": "sk_live_very_long_secret_key"
}
}/api/settings/ipsGet whitelisted IP addresses
{
"success": true,
"data": [
{ "ip": "1.1.1.1", "label": "Office VPN", "created_at": "..." }
]
}/api/settings/ipsAdd an IP to whitelist
{
"success": true,
"data": { "ip": "1.1.1.1", "label": "Office VPN" }
}| Plan | Breach Search | Stealer Logs | Rate Limit | Whitelisted IPs |
|---|---|---|---|---|
| Free | No Access | No Access | - | - |
| Analyst | No Access | No Access | - | - |
| Operative | Full Access | No Access | 1 req/sec | 3 |
| Sovereign | Full Access | No Access | 3 req/sec | 10 |
| GOD | Full Access | Full Access | Unlimited | Unlimited |
GOD Tier Exclusive: Stealer logs search and file browser APIs are only available to GOD tier users. Contact sales to upgrade and unlock full stealer log access via API.
IP Whitelisting: For security, API requests are validated against your whitelisted IPs. You must configure at least one IP in Dashboard → Settings → API Access before using the API.
Rate Limit Headers: All API responses include rate limit information in the headers:
429 Too Many Requests: If you exceed your rate limit, the API will return a 429 status code. Wait for the time specified in retryAfterMs before retrying.