WikiLeaks data in numbers

Published on August 1, 2019 by

We have uploaded all the WikiLeaks data to Intelligence X and created a new category. You do not need an account or license to search through the WikiLeaks data using our site.

Try it out here! https://intelx.io/?s=cnn.com&b=leaks.public.wikileaks

Source & Challenges

Most of the raw data is available via https://file.wikileaks.org/file/ as well as torrents. There are a couple of organizational and technical challenges that come with the data:

  • The files are mostly unstructured and there is no clear index.
  • The published raw files do not always exactly match up in count with what’s published on wikileaks.org.
  • The chaotic way of how and what is published in raw form likely represents the chaos within the WikiLeaks organization (see Conway’s Law).
  • The file types vary. Some document are in PDF form, Word files (DOC, DOCX), some in picture form (JPG), and some in picture form embedded in PDFs. This makes it tricky to extract reliable meta-data (such as the title, creation date) and the data itself (the text).
  • Spam: Sometimes the data contains pure spam. A human is required to go through each folder and decide whether the data may be of interest or not.
  • Some data is compressed (7Z, RAR, ZIP) with many sub-files and folders.
  • Fake news: Some data contains fake information (for example: Fake medical report about Steve Jobs having a HIV+ diagnosis).
  • Pornographic content: Some attachments of emails contain pornographic content.
  • Duplicates: Some files are duplicated.
  • Extreme violence.

Counting the Input

  • Count of files: 43,374
  • Count of folders: 4,423
  • Total size: 28.3 GB

Intelligence X Statistics

The Intelligence X statistics list more files than the input, because the compressed files (ZIP and other) contain many files that are extracted and stored separately.

  • Count of items: 5,664,971
  • Count of unique selectors: 368,818
  • Count of total extracted selectors: 41,213,169
  • Size of data files (total): 471 GB

The above statistics mean that we have 368,818 different search terms (selectors, like domain name, email address, etc.) that search in 5,664,971 results.

Out of the 368k unique selectors, most are – not surprisingly – email addresses with 46%. Next is Credit Cards with 19% followed by URLs 15%.

Selector breakdown for the WikiLeaks data
Same data, different visualization

Cryptome

Update 8/9/2019: We uploaded the Cryptome data into the WikiLeaks bucket.

  • Count of items: 93,234
  • Count of unique selectors: 333,122
  • Count of total extracted selectors: 539,908
  • Size of data files (total): 39 GB

Related articles

Newsletter 2020-08-27

Published on August 27, 2020 by

August 2020: Latest News & Statistics Public API keys are retired We have retired public API keys. All 3rd party tools and integrations must use per-user API keys. Note: This also affects SpiderFoot users. We have updated our SDK to reflect that change. You can find your personal API key here: https://intelx.io/account?tab=developer In related news,


The road to 100 billion records

Published on August 23, 2020 by

At Intelligence X, we value quality over quantity. Our goal is continuous improvement, sustainability, and stability. As we cross the mark of 25 billion records with 100+ TB of storage, it is time to set sail for 100 billion records. Counting records A single record is an extracted selector (search term) like “test.com”. A search


Newsletter 2020-08-03

Published on August 3, 2020 by

August 2020: Recap of 3rd-party OSINT tools and integrations We are listing all approved 3rd-party integrations here: https://intelx.io/integrations h8mail: “an email OSINT and breach hunting tool using different breach and reconnaissance services” Maltego Transform subfinder: “subdomain discovery tool that discovers valid subdomains for websites by using passive online sources” theHarvester: “The tool gathers emails, names,


Search the blog: