AI Tools for FBI Agents

AI tools that help FBI agents and federal law enforcement professionals research threats, analyze open-source intelligence, monitor geopolitical events, translate documents, and prepare investigation briefs.

Works in Chat, Cowork and Code

Structure: RaaS affiliate model · 80/20 revenue split · estimated 200+ active affiliates
Primary targets: Healthcare, manufacturing, critical infrastructure · US-heavy
Recent activity: Q1 2026: 47 confirmed victims · 12 in healthcare sector
Law enforcement: Operation Cronos (2024) disrupted infrastructure · rebuilt Feb 2025
TTPs: Ivanti VPN exploitation (CVE-2025-0282) · double extortion

Threat actor and criminal network research

Research criminal organizations, threat actors, and networks using open-source intelligence. Build comprehensive background profiles that contextualize classified intelligence and support investigation planning.

Research the MS-13 gang — their current US operational structure, recruitment methods, primary geographic strongholds, and recent law enforcement actions against them in 2025.

MS-13 Research Summary: US presence concentrated in Northern Virginia, Long Island NY, Houston TX, and Los Angeles. Recruitment: targeting unaccompanied minors at schools; 2025 recruitment shift toward encrypted social platforms (Telegram, Discord cliques). Recent LE actions: DOJ indicted 16 leaders in a Virginia sweep (Feb 2025); DHS designated the organization as a transnational criminal organization. El Salvador clique structure: increasingly decentralized post-Bukele crackdown, US cliques operating more autonomously.

ToolRouter research
US strongholds: Northern Virginia, Long Island NY, Houston TX, Los Angeles
Recruitment (2025): Targeting unaccompanied minors · Telegram/Discord shift
DOJ action Feb 2025: 16 leaders indicted in Virginia sweep
Structure: Increasingly decentralized post-Bukele · US cliques autonomous

Cybercrime and vulnerability intelligence

Track current CVEs being exploited in the wild, research ransomware group tactics, and monitor darknet threat reporting. Support cyber investigations and critical infrastructure protection efforts.

Find CVEs that have been actively exploited in ransomware attacks in the past 90 days — prioritize those affecting healthcare and critical infrastructure.

Active exploitation in past 90 days — high-priority CVEs: CVE-2025-21234 (Ivanti Connect Secure, CVSS 9.8, actively exploited by LockBit affiliate); CVE-2025-0282 (same platform, zero-day, CISA KEV listed); CVE-2024-49104 (Microsoft Exchange, used in Cl0p campaign against hospital systems). Healthcare sector most targeted (34% of ransomware victims Q1 2026). CISA emergency directive issued for the Ivanti vulnerabilities.

ToolRouter search_cves
| CVE | Product | CVSS |
| --- | --- | --- |
| CVE-2025-21234 | Ivanti Connect Secure | 9.8 |
| CVE-2025-0282 | Ivanti Connect Secure | 9.0 |
| CVE-2024-49104 | Microsoft Exchange | 8.8 |
3 of 19 critical CVEs · healthcare sector 34% of victims Q1 2026

Geopolitical and international threat monitoring

Track state-sponsored threat activity, international sanctions evasion, and foreign adversary operations using real-time geopolitical event data. Support counterintelligence and national security investigations.

Monitor GDELT for events linked to Chinese state-sponsored cyber activity targeting US defense contractors in the past 30 days.

GDELT analysis — past 30 days: 47 events tagged with China state actor + US defense sector targeting. Dominant event types: cyberattack (31), espionage accusation (9), sanctions action (4). Peak activity: March 14–19 cluster corresponds with reported intrusion at a Virginia defense contractor (unnamed in public reporting). Geographic activity cluster: Chengdu, Hainan province IP ranges consistent with APT41 attribution.

ToolRouter get_events
[Chart: cyberattack events and espionage events per period; x-axis: Mar 1–5, Mar 6–10, Mar 11–15, Mar 16–20, Mar 21–25, Mar 26–31]

Document translation and foreign material analysis

Translate seized documents, intercepted communications, and foreign-language evidence into English with contextual and linguistic notes. Supports international investigations and MLAT requests.

Translate this Arabic text from a seized communication and note any coded language or unusual phrasing: "اللقاء سيكون في الموعد المحدد. الحزمة جاهزة. انتظر الإشارة الخضراء."

Translation: "The meeting will be at the scheduled time. The package is ready. Wait for the green signal." Linguistic notes: "الحزمة" (al-huzma) — literally "package/bundle" — frequently used as coded language for contraband or operational materials in intercepts. "الإشارة الخضراء" (green signal) is an idiomatic expression for authorization to proceed. Phrasing is consistent with operational coordination language rather than commercial communication.

Academic and behavioral research

Access peer-reviewed research on radicalization pathways, behavioral threat assessment, financial crime typologies, and organized crime structures to support case development and training.

Find peer-reviewed research on lone-actor terrorism radicalization — behavioral warning signs, online radicalization pathways, and evidence-based intervention programs.

Found 31 relevant studies. Key findings: Online radicalization pathway follows a 4-stage model (Moghaddam staircase) — grievance, displacement of aggression, moral disengagement, entrapment. Warning behaviors (Meloy & Hoffman, 2023): pathway behavior, leakage, identification with cause, fixation. Intervention programs with strongest evidence: Life After Hate (US), Aarhus Model (Denmark). Recommended reading: J.M. Berger's "Extremism" (2018), RAND radicalization meta-analysis (2025).

ToolRouter search_papers
| Author / source | Finding | Year |
| --- | --- | --- |
| Meloy & Hoffman | 8 warning behaviors incl. pathway behavior, leakage | 2023 |
| RAND meta-analysis | Algorithm-driven content doubles radicalization speed | 2025 |
| J.M. Berger | Extremism — in-group/out-group model | 2018 |
31 studies found · Moghaddam Staircase model dominant framework

Compliance and sanctions screening

Screen individuals, companies, and financial networks against OFAC SDN lists, international sanctions databases, and PEP registries to support financial crime and counterterrorism financing investigations.

Screen the name Dmitri Volkov and the company name Volkov Trading LLC for OFAC SDN list matches, EU sanctions, and any US regulatory enforcement actions.

Dmitri Volkov: Potential OFAC SDN match — Dmitri A. Volkov, DOB 1971, listed under Ukraine-/Russia-Related Sanctions (E.O. 13661). Confidence: high — name, nationality, and business sector consistent. Volkov Trading LLC: Not independently listed. EU sanctions: Dmitri Volkov appears on Council Regulation (EU) 833/2014 consolidated list. Recommended action: formal OFAC confirmation via SDN search tool.

ToolRouter screen
OFAC SDN match: Dmitri A. Volkov · DOB 1971 · Ukraine/Russia sanctions (E.O. 13661) · HIGH confidence
EU sanctions: Council Regulation (EU) 833/2014 consolidated list — confirmed
Volkov Trading LLC: Not independently listed · beneficial ownership check recommended
Action: Formal OFAC confirmation via SDN search tool required

Ready-to-use prompts

Research threat actor

Research the Lazarus Group — their known attribution to North Korea, primary attack methodologies, targets, and recent operations in 2025–2026.

CVE exploitation monitoring

Find CVEs currently being exploited in the wild that target financial sector infrastructure — banks, payment processors, and stock exchanges.

Translate foreign document

Translate this Spanish document and note any cartel terminology, coded language, or unusual phrasing: [paste text].

Geopolitical threat monitoring

What geopolitical events involving Russia, China, Iran, and North Korea are currently most active in the GDELT event database? Focus on activity targeting US interests.

Radicalization research

Find peer-reviewed research on online radicalization to violent extremism — specifically the role of social media algorithms in accelerating the process.

OFAC sanctions screen

Screen these three names and entities for OFAC SDN list, EU sanctions, and US regulatory enforcement matches: [Name 1], [Name 2], [Company Name].

Financial crime typology

Research documented typologies of trade-based money laundering and how criminal organizations use international trade to move illicit funds.

Tools to power your best work

165+ tools.
One conversation.

Everything FBI agents need from AI, connected to the assistant you already use. No extra apps, no switching tabs.

Subject background intelligence package

Build a comprehensive open-source intelligence package on a subject or organization: public records, sanctions screens, academic context, and a compiled brief.

1. Deep Research: Research subject background using open-source intelligence
2. Compliance Screening: Screen against OFAC, EU, and international sanctions databases
3. Regulatory Actions: Search for US regulatory enforcement history
4. Academic Research: Find relevant behavioral or typological research for context
5. Content Repurposer: Compile all findings into a structured intelligence brief

Cyber threat intelligence report

Compile a threat intelligence report covering active threat actors, exploited CVEs, and geopolitical context for a specific sector or infrastructure target.

1. Vulnerability Database: Identify actively exploited CVEs relevant to the target sector
2. Geopolitics: Pull state-sponsored actor activity from geopolitical feeds
3. News: Search for recent reporting on attacks against the target sector
4. Content Repurposer: Write the threat intelligence report for the case team

Frequently Asked Questions

Can these AI tools access classified databases?

No. These tools exclusively access open-source, publicly available information — news, academic papers, public records, sanctions lists, CVE databases, and public geopolitical event feeds. They are designed for OSINT and research support, not to interface with classified government systems.

How is the geopolitics tool different from a news search?

The Geopolitics tool uses GDELT — the world's largest open event database — which codes millions of global events daily from news sources into structured actor-action-target data. It enables trend analysis, actor monitoring, and quantitative event tracking that a simple news search cannot provide.

Are AI translations reliable enough for investigative use?

AI translation is highly accurate for most languages and formal text. For evidentiary use in court proceedings, always have a certified human translator verify the document. AI translation is excellent for rapid triage, building investigative leads, and drafting working documents.

Can these tools help with FBI SA entrance exam preparation?

Yes. Deep Research can compile study guides for the Phase I written test and Phase II components including the Logic-Based Reasoning test, written exercise, and interview preparation. Academic Research can surface FBI career and applicant requirement resources.
