AIL Framework Release: v6.7 - The Improved Search Interface.

#osint #opensource #threatintelligence #darkweb #cybersecurity

🔗 https://www.ail-project.org/blog/2026/03/12/v6.7.released/

AIL v6.6 is a release with a strong focus on PDF ingestion (captured from social networks or other collection sources) and translation, crawler improvements, and operational enhancements across users, queues, and metadata handling.

This version significantly expands AIL’s document-processing and data-collection capabilities by introducing a hardened PDF ingestion pipeline where all PDFs are converted to PDF/A and stripped of embedded metadata before ingestion to remove malicious content.

It also allows users to browse content locally with Lacus and send captured pages directly to AIL as crawler data, along with associated browser cookies and local storage imported as a cookiejar for reuse by the crawler, while continuing to improve reliability, scalability, and analyst workflows.

https://www.ail-project.org/blog/2025/12/12/v6.6.released/

#cti #opensource #threatintelligence #ail #darkweb #cybersecurity #intelligence #osint

@circl
@terrtia

**AIL v6.5** introduces several major improvements to strengthen dark web monitoring and analysis workflows:

- **I2P Crawling Support**
The crawler now supports **I2P**, extending coverage beyond Tor and traditional web sources.

- **Enhanced Search with Description Indexing**
Search capabilities have been improved with **description indexing**, making it easier to discover and correlate relevant content across large datasets.

- **Improved Image Analysis Workflows**
Image analysis has been optimized to provide more efficient processing, categorization, and contextual enrichment of visual material.

#darkweb #cybersecurity #threatintelligence #opensource #ailproject

🔗 https://www.ail-project.org/blog/2025/09/29/v6.5.released/

@circl

We’re excited to release AIL Framework v6.3 which includes Passive SSH integration, enabling correlation of SSH keys across onion services, IPs, and domains. This helps identify shared infrastructure and supports onion deanonymization efforts. Multiple bugs were fixed and many improvements were included.

🔗 https://www.ail-project.org/blog/2025/07/16/v6.3.released/

#opensource #ail #darkweb #cybersecurity #threatintelligence #threatintel #osint

@circl

AIL 6.2 released - Smarter Analysis, Search and Enhanced User Experience

We’re excited to release AIL Framework v6.2, a major update with new features and improved performance. This version makes analysis easier and the overall experience faster and more user-friendly.

Among the highlights are a fully revamped search engine powered by MeiliSearch, improved language detection for short text, local AI-driven image descriptions, and a yara-hunting editor tool.

🔗 https://www.ail-project.org/blog/2025/05/28/AIL-v6.2.released/

#darkweb #threatintelligence #threatintel #cti #opensource #osint

AIL Project v6.1 released with new features including unsafe filter for Tor crawling, many bugs fixed and Telegram attachment analysis.

https://www.ail-project.org/blog/2025/02/06/AIL-v6.1.released/

#ail #threatintelligence #threatintel #opensource #darkweb

There is a common issue when analyzing dark web content, particularly Tor onion addresses. As a DFIR investigator or intelligence analyst, you want to avoid specific content, such as child sexual abuse material (CSAM) or other content unrelated to your digital investigation.

The open Onion Lookup online service provides continuous classification to help analysts and investigators pre-classify Tor onion addresses without requiring direct access to such content.

🔗 Onion lookup https://onion.ail-project.org/
🔗 Onion lookup OpenAPI https://onion.ail-project.org/apiman/swagger/
🔗 About AIL project https://www.ail-project.org/
🔗 MISP dark web taxonomy https://www.misp-project.org/taxonomies.html#_dark_web

#csam #threatintelligence #opensource #darkweb #tor #onion #quanticonion

@misp @circl

We are glad to announce the release of AIL v5.9, packed with numerous updates and fixes that enhance the performance and features of the framework. This release focuses on improvements in qrcode handling, `dom-hash` support...

The fingerprint is calculated by extracting all the tag names (ignoring the content itself as well as attributes of the HTML Page). The tag names are concatenated with a pipe value , hashed using the SHA-256 algorithm, and truncated to the first 32 characters.

Software such as LookyLoo or MISP have implemented the algorithm, the AIL framework now support the dom-hash algorithm to cluster and group similar page structure.

https://www.ail-project.org/blog/2024/10/18/AIL-v5.9.released/

#darkweb #osint #opensource #ail #threatintelligence #misp #pivot #correlation

@misp @circl

We announce the release of AIL Framework v5.8, packed with new features, improvements, and bug fixes to facilitate the usage. This release focuses on expanding functionality and improving efficiency in key areas such as **QR code extraction**, domain lookups, image handling, and more.

🔗 https://www.ail-project.org/blog/2024/10/03/AIL-v5.8.released/

#threatintel #osint #intelligence #opensource #ailproject #darkweb

AIL Project version 5.7 released with many improvements with 2FA support, multi-organisation support, improved chat monitoring and more.

https://www.ail-project.org/blog/2024/09/18/AIL-v5.7.released/

#darkweb #threatintelligence #threatintel #telegram #infosec

@terrtia @circl @misp @adulau

Thanks to MISP-LEA training participants for the feedback and ideas for AIL improvements.