Direct answer
Can PhishNet feed existing tools? Yes. Export profiles and API endpoints are designed for existing SOC, MISP, SIEM and fraud tooling.
Profiles
Fresh Belgian domains, confirmed URLs, verified-live URLs, mule routes, smishing routes, fake financial platforms, brand pressure, infra exposure, credential metadata, ads evidence and campaign clusters.
Formats
CSV, JSONL, STIX, MISP, PDF summaries and evidence bundles.
Row quality
Rows include source, confidence, confirmation state, freshness, liveness, brand, country, campaign/kit, Belgian relevance and evidence/detail URL.
How PhishNet uses this
Inside PhishNet this topic is treated as operational graph context: observations are linked to sources, evidence, Belgian relevance, confirmation state, liveness, campaigns and exports. Public pages explain the method; authenticated users can pivot into the full platform workflow when a signal needs investigation or handoff.
Selected sources and research
These pages combine PhishNet platform knowledge with public research, official Belgian sources and open OSINT documentation.
Common questions
Can PhishNet feed existing tools?
Yes. Export profiles and API endpoints are designed for existing SOC, MISP, SIEM and fraud tooling.
Are weak signals exported as confirmed?
No. Confirmation state stays explicit.