Skip to main content
CyberThreat AI is a web platform that lets you submit an indicator of compromise (IoC) — an IP address, domain, or file hash — and instantly receive a threat analysis aggregated from multiple intelligence sources, followed by a reasoned AI verdict.

Quick Start

Submit your first IoC and get a threat verdict in minutes

API Reference

Integrate CyberThreat AI directly into your workflows via REST API

Threat Intelligence Sources

Learn how VirusTotal, AbuseIPDB, PolySwarm, and Robtex power the analysis

Using Your API Keys

Bring your own API keys for each intelligence provider

How it works

1

Submit an IoC

Enter an IPv4 address, IPv6 address, domain name, MD5, SHA1, or SHA256 hash in the search field. CyberThreat AI automatically detects the type.
2

Intelligence is gathered

The platform queries relevant threat intelligence providers in parallel — VirusTotal, AbuseIPDB, PolySwarm, and Robtex — depending on the IoC type.
3

AI delivers a verdict

Aggregated threat data is sent to an AI model via OpenRouter. The response streams in real time, classifying the IoC as Malicious, Suspicious, or Benign with supporting reasoning.
4

Review and act

Read the structured verdict including confidence level, summary, reasons, and recommended actions — all rendered as readable markdown in the UI.

Supported IoC types

TypeExample
IPv41.2.3.4
IPv62001:4860:4860::8888
Domainexample.com
MD5 hash44d88612fea8a8f36de82e1278abb02f
SHA1 hashda39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 hashe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
You can use CyberThreat AI directly in the browser at ctai.marcvspt.tech or call the API programmatically from your own tools and pipelines.

Build docs developers (and LLMs) love

Get started for freeTalk to us