SecurityTrails API

SecurityTrails API is a data intelligence service that provides access to large-scale DNS, WHOIS, and IP-related datasets for security research, threat hunting, and attack surface management. The platform aggregates and indexes historical and current internet infrastructure data, including: - Over 10.19 trillion historical DNS lookups - 4.2 billion historical WHOIS records - 2.6 billion total hostnames tracked - 630 million domains tracked Core use cases include: - Cyber forensics and investigations: Researchers and security teams can query historical DNS and WHOIS data to trace infrastructure changes, identify threat actor patterns, and correlate domains or IPs over time. - Attack surface management: Users can discover forgotten or untracked digital assets, map associated domains, and manage infrastructure sprawl. - Brand protection and fraud prevention: The data can be used to detect brand abuse, digital fraud, and unauthorized domain registrations. - Data enrichment: Organizations can integrate the API into existing security tools or workflows to enrich datasets with domain, DNS, and IP context. Access is provided primarily through a REST API, with documentation available for programmatic integration. The platform also offers an Attack Surface Intelligence product alongside the core API offering. SecurityTrails is operated under Recorded Future, as indicated by the go.recordedfuture.com links throughout the site.