Intrigue Research

Welcome! If you’ve landed here, you’ve probably been sent from an collection engine. This page is intended to provide transparency into our research process.

What kind of research and data collection do you perform?

Our research engines perform a variety of data-gathering tasks, all intended to find unknown assets and lightly gather enough information to determine security-posture for these assets. The gathered information analyzed by our research team, and where appropriate, proactively published to the owners of this information. No collection task performed requires authorized access. It is intentionally designed to be low-touch. While you may have seen some alerts from your IDS or WAF, these are benign flags, and are not indicative of malicious behavior.

Can I see the results?

Yes. ‍ Simply create an account and log into with your corporate email address to see results for your organization.

Can i see the specific tests you perform?

Absolutely. The Intrigue Core is open source, you can find more details on this site. You’ll also find our Github linked where we publish our core engine. Each test is a “task” in our terminology, and you can see the source of each on Github.

Getting in Touch

Feel free to contact [email protected] regarding further questions. We also appreciate any community analysis results and hope for your collaboration.

In case you would like to be excluded from some or all of our probes please let us know at [email protected] – make sure to mention your CIDR blocks / list of IP addresses and affiliation.Please note that as part of the opt-out process we attempt to verify that the requestor has been delegated or otherwise controls the network addresses in the opt-out request. We typically perform this verification via WHOIS and other tools. If we cannot verify delegation or ownership we are unlikely to opt-out the requested addresses. Similarly if the WHOIS delegation changes we may also remove the opt-out. It can be requested again in the future