This post is best seen on the website!
GitHub: https://github.com/DarkWebInformer/FBI_Watchdog
Version: 1.0
Release Date: 5th of February 2025
FBI Watchdog
🛡️ FBI Watchdog is a cyber threat intelligence OSINT tool that monitors domain DNS changes in real-time, specifically detecting law enforcement seizures (ns1.fbi.seized.gov and ns2.fbi.seized.gov). It alerts users via Telegram and Discord and captures screenshots of seized domains.
✅ FBI Watchdog is clean! No detections on VirusTotal. Check the latest scan report here: VirusTotal Report
🚨 Live in Action: FBI Watchdog is actively monitoring domains on my Telegram channel: TheDarkWebInformer.
🔍 Want Cyber Threat Intelligence updates? Visit DarkWebInformer.com for real-time insights on data breaches, data leaks, ransomware and more dark web threats.
📸 FBI Watchdog in Action
🔍 Checking DNS
| DNS Checking | More DNS Checking | DNS Checking Finished |
|---|---|---|
 |  |  |
| Checking for DNS Record Changes | Checking for More DNS Changes | DNS Checking Completed |
⚠️ Detecting DNS Changes & Seizure Capture
| DNS Changes Alerted | Seizure Page Captured |
|---|---|
 |  |
| Detected DNS Record Change | Captured LEA Seizure Page |
📲 Telegram Notifications
| DNS Change Alert | Seizure Alert | Seizure Screenshot |
|---|---|---|
 |  |  |
| DNS Changes Sent to Telegram | Discord LEA Seizure Notification | Telegram Seizure Screenshot |
🔔 Discord Notifications
| DNS Change Alert | Seizure Alert | Seizure Screenshot |
|---|---|---|
 |  |  |
| DNS Changes Sent to Discord | Telegram LEA Seizure Notification | Discord Seizure Screenshot |
📌 Features
- ✅ Real-time DNS Monitoring – Detects changes in
A,AAAA,CNAME,MX,NS,SOA, andTXTrecords. - ✅ Seizure Detection – Identifies law enforcement takeovers (
ns1.fbi.seized.gov and ns2.fbi.seized.gov). - ✅ Telegram & Discord Alerts – Sends detailed notifications when a DNS change occurs or a domain is seized.
- ✅ Screenshot Capture – Uses Selenium to take snapshots of affected sites.
- ✅ Rich CLI Output – Uses
richfor colored logs and better visibility. - ✅ Auto-Saves DNS History – Stores previous DNS states in
fbi_watchdog_results.json. - ✅ Cross-Platform – Works on Windows, Linux, and macOS.
❗ Known Issues / Bugs
- ❗ SSL Errors in Screenshots – Some sites may not load in Selenium due to
ERR_SSL_VERSION_OR_CIPHER_MISMATCH. - ❗ DNS Query Failures – Some domains may not return results due to NXDOMAIN errors.
- ❗ Telegram Message Duplication – On rare occasions, Telegram alerts may be sent twice.
🚀 Future Features
- 🚀 Multi-Platform Notifications – Add support for Slack & Email alerts.
- 🚀 Database Support – Store DNS history in SQLite or PostgreSQL instead of JSON.
- 🚀 Check For Updates – Script will check for new updates on startup.
- 🚀 Seizure Detection Without NS Changes – Detect LEA seizures using HTTP status codes, WHOIS changes, and/or SSL certificate logs.
- 🚀 Seizure Detections from Cloudflare NS - LEA sometimes use Cloudflare NS when seizing domains.
- 🚀 Custom Domain List and DNS Records File (
config.json) – Allow users to define monitored domains, and records into a config file instead of hardcoding. - 🚀 Randomized User-Agent for Selenium – Implement a rotating User-Agent to bypass bot detection and avoid fingerprinting.
- 🚀 Onion Site Monitoring – Add
.onionsupport for hidden services. - 🚀 Faster Checks with AsyncIO or Threading – Improve DNS monitoring speed by using asyncio (aiodns) or threading for parallel lookups, reducing scan times and improving efficiency.
💻 System Requirements:
- 🐍 Python 3.x (Latest version preferred, minimum recommended: Python 3.8)
- 🖥️ Google Chrome installed (For Selenium screenshots)
📜 Required Python Packages:
The script requires the following dependencies:
dnspython requests python-dotenv selenium webdriver-manager rich
🖥️ Installation Guide
Follow these steps to install and set up FBI Watchdog on your system.
1️⃣ Clone the Repository
git clone https://github.com/DarkWebInformer/FBI_Watchdog.git
cd FBI_Watchdog
2️⃣ Install Dependencies
Ensure you have Python 3.x installed. Then, install the required dependencies:
pip install -r requirements.txt
3️⃣ Setup Environment Variables
Create a .env file in your root directory and add your Discord Webhook, Telegram API key, and Telegram Channel ID:
WEBHOOK=<your_discord_webhook>
TELEGRAM_BOT_TOKEN=<your_telegram_bot_token>
TELEGRAM_CHAT_ID=<your_telegram_chat_id>
🔹 Replace <your_discord_webhook>, <your_telegram_bot_token>, and <your_telegram_chat_id> with your actual credentials.
4️⃣ Add Domains to Monitor
Add domains you want to monitor for DNS and seizure changes.
domains = ["example.com", "example1.com", "example2.com"]
4️⃣ Run the Script
Start FBI Watchdog with:
python fbi_watchdog.py
🔍 FBI Watchdog will now begin monitoring for seizure banners and tracking domain changes.
💰 Support FBI Watchdog & Dark Web Informer
FBI Watchdog is an open-source project dedicated to cyber threat intelligence, monitoring seizure banners, and providing real-time insights. Your support helps keep this project running!
You can also get access to premium cyber threat intelligence on Dark Web Informer.
📢 Subscription Options:
- 💳 Standard Subscription: Sign up here
- 🏴☠️ Crypto Subscription: Pay with cryptocurrency
🔍 Stay ahead of the latest cyber threats with real-time intelligence. 🚀
❤️ Donate to Support Dark Web Informer's Work
If you find Dark Web Informer and/or FBI Watchdog valuable, consider making a donation to help future development, research, and cyber threat intelligence. 👉 Donate here
📢 Advertise With Dark Web Informer
Looking to promote your cybersecurity services or reach the right audience? Check out the advertising options here: Advertising Rates
Your support helps keep FBI Watchdog and Dark Web Informer independent and continuously improving. Thank you!
📝 License
This project is licensed under the MIT License – see the LICENSE file for details.
