Inspiration
The project was inspired by four major challenges in cybersecurity: the exponential growth and variety of data (Big Data challenge), the evolution of complex threats like Advanced Persistent Threats (APTs), the scarcity of expert human resources who are often burdened with repetitive tasks, and the slow, manual dissemination of threat intelligence. The mission is to transform cyber defense from a reactive approach into one that is automated, proactive, and predictive.
What it does
LeakLens is a threat intelligence AI-Agent designed to protect organizations and individuals from compromised servers, exposed credentials, and sensitive data leaks. It is a next-generation system that analyzes, stores, and disseminates threat intelligence. Users can simply set filters (e.g., for specific organizations or countries) to continuously monitor their assets and to focus the AI-Agent on a specific topic.
How we built it
LeakLens was built as a unified ecosystem leveraging several key technologies:
- Workflow Automation: Utilizes n8n to connect and automate various services.
- Data Processing: Python scripts are used for crawling and refining raw threat data from external sources, including threat intelligence sources, dark web forums and Telegram channels.
- Database & Search: Uses PostgreSQL for flexible document storage and as a vector database to support AI embedding and information retrieval.
- AI Implementation: Implements Gemini for content validation, reasoning, and multimodal features such as image-to-text and text-to-text for enhanced reporting.
Challenges we ran into
The team encountered significant technical hurdles when implementing automated crawling across deep web and dark web data breach forums. Many of these platforms employ sophisticated anti-bot protections, such as Cloudflare, which create barriers for automated scripts. Navigating these limitations while maintaining a steady flow of data for analysis proved to be a major challenge.
Accomplishments that we're proud of
We are particularly proud of:
- Developing an AI-Agent that successfully covers every phase of the threat intelligence lifecycle, from planning and collection to dissemination.
- Creating the MBOKDe SITI AI chatbot, an advanced analyst assistant that uses Retrieval-Augmented Generation (RAG) to provide contextual answers based on the threat database.
- Automating the impact validation process, allowing the system to independently determine if a data leak affects a specific organization or country and notify stakeholders instantly.
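The impact validation step described above can be illustrated with a short added example. It is not LeakLens code: the `WatchFilter` type, the function names and the sample entries are assumptions made here, and matching is done on hostnames only. It shows why organization matching must happen on a label boundary so that look-alike domains do not raise false alerts.

```python
from dataclasses import dataclass, field

@dataclass
class WatchFilter:
    """Hypothetical monitoring filter: organization domains and/or a country ccTLD."""
    name: str
    domains: set = field(default_factory=set)  # e.g. {"example.org"}
    cctld: str = ""                            # e.g. "id"

def host_of(identifier: str) -> str:
    """Extract a lowercase hostname from an email address, URL or bare host."""
    s = identifier.strip().lower()
    if "://" in s:
        s = s.split("://", 1)[1]   # drop scheme
    s = s.split("/", 1)[0]         # drop URL path
    s = s.rsplit("@", 1)[-1]       # drop email local part or URL userinfo
    return s.split(":", 1)[0].rstrip(".")  # drop port and trailing dot

def in_domain(host: str, domain: str) -> bool:
    """Match only on a label boundary: notexample.org is not in example.org."""
    return host == domain or host.endswith("." + domain)

def validate_impact(leak_identifiers, filters):
    """Return {filter name: sorted matching hosts} for each filter the leak touches."""
    hits = {}
    for ident in leak_identifiers:
        host = host_of(ident)
        if not host:
            continue
        for f in filters:
            org_hit = any(in_domain(host, d.lower()) for d in f.domains)
            country_hit = bool(f.cctld) and host.endswith("." + f.cctld.lower())
            if org_hit or country_hit:
                hits.setdefault(f.name, set()).add(host)
    return {name: sorted(hosts) for name, hosts in hits.items()}

# Constructed sample leak entries (not real data).
SAMPLE_LEAK = [
    "alice@mail.example.org",
    "bob@notexample.org",                 # look-alike, must not match
    "https://portal.example.id/login",
    "carol@EXAMPLE.ORG",
    "dave@example.org.evil.test",         # domain used as a prefix, must not match
]
FILTERS = [WatchFilter("ExampleOrg", domains={"example.org"}),
           WatchFilter("Indonesia", cctld="id")]

if __name__ == "__main__":
    print(validate_impact(SAMPLE_LEAK, FILTERS))
```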
What we learned
The team realized that reactive detection is no longer sufficient; predictive defense through AI-driven pattern recognition and forecasting is essential. We also learned that consistent and structured data standardization is crucial for ensuring threat intelligence is easily integrated and actionable across different security platforms.
What's next for LEAKLENS
LeakLens aims to continuously monitor and identify data leaks before they become public. We are committed to staying up to date and identifying the latest data breach forums and emerging threat intelligence trends to constantly update and expand our sources. By strengthening defenses through deeper intelligence integration, we aim to safeguard the future of cybersecurity with adaptive AI technologies.