Overview

Lurk is an anonymous, token-based OSINT aggregator built for cybersecurity professionals, journalists, penetration testers, and privacy-conscious researchers who need breach intelligence, IP reputation data, and darknet monitoring without leaving an identity trail. The platform deliberately rejects the standard SaaS playbook: there are no user accounts, no email registrations, no password resets, and no support tickets that could be subpoenaed. Access is purchased with cryptocurrency (Bitcoin, Ethereum, Monero, or USDT) and redeemed through a cryptographic token that is shown once and never stored in plaintext. This architecture makes Lurk one of the few professional-grade intelligence tools that genuinely operates as a no-KYC service from end to end.

The interface is deliberately minimal. Users land on a single page, select a query type (email, IP address, domain, username, or hash), and either run a limited free search or authenticate with a paid token. Behind the scenes, Lurk indexes over 15 billion credentials from public breach dumps, enriches IP addresses with live GreyNoise and Shodan data, monitors more than 50 darknet forums and Telegram channels, and offers cross-platform username enumeration across 600+ services. API access is available for Pro and Elite tiers, returning structured JSON for pipeline integration.

Privacy & KYC

Lurk sits at KYC Tier L1: fully anonymous and pseudonymous. No name, email, phone number, government ID, or geolocation verification is requested at any stage. The privacy architecture extends beyond policy into technical design. According to its published privacy documentation, Lurk collects only a SHA-256 hash of the user's token for authentication and a payment transaction ID for ledger validation. IP addresses, browser fingerprints, search queries, behavioral metadata, and referrer URLs are explicitly listed as never collected at either the application or the network layer. Traffic routes through a privacy-configured edge network with logging disabled entirely.

  • Token model: Inspired by Mullvad VPN's approach, payment creates a token, the plaintext token is displayed once, and only its hash is retained server-side. Lost tokens are unrecoverable by design.
  • Payment privacy: Monero is natively supported and recommended; Bitcoin, Ethereum, and USDT are also accepted. Monero's stealth addresses and ring signatures break on-chain linkage between payment and token.
  • Warrant canary: A PGP-signed warrant canary is published monthly. If updates cease, users are instructed to treat it as a compromise signal.
  • Opt-out mechanism: Individuals can submit identifiers at lurk.st/optout; only a SHA-256 hash is stored, and matching future queries are automatically suppressed.
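The token and opt-out items above both reduce to "store a SHA-256 digest, compare digests later". The sketch below is an added example, not Lurk's code: the function names, the in-memory stores, the 32-byte token size, and the lowercase/trim normalization are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# In-memory stand-ins for the server-side stores (assumption for this sketch).
TOKEN_HASHES = set()   # SHA-256 digests of issued tokens, never the plaintext
OPTOUT_HASHES = set()  # SHA-256 digests of opted-out identifiers


def sha256_hex(value: str) -> str:
    return hashlib.sha256(value.encode("utf-8")).hexdigest()


def issue_token() -> str:
    """Create a token, retain only its digest, return the plaintext once."""
    token = secrets.token_urlsafe(32)  # 256 random bits (assumed size)
    TOKEN_HASHES.add(sha256_hex(token))
    return token  # caller must save it; it cannot be recovered from the digest


def verify_token(presented: str) -> bool:
    """Hash what the client presents and compare against stored digests."""
    digest = sha256_hex(presented)
    return any(hmac.compare_digest(digest, h) for h in TOKEN_HASHES)


def normalize(identifier: str) -> str:
    # Assumed canonical form so "Alice@Example.com " and "alice@example.com" match.
    return identifier.strip().lower()


def opt_out(identifier: str) -> None:
    """Record only the digest of an opted-out identifier.

    Unlike a random token, an email or username is low-entropy, so its bare
    digest is a pseudonym rather than an anonymized value.
    """
    OPTOUT_HASHES.add(sha256_hex(normalize(identifier)))


def search(token: str, query: str) -> str:
    """Gate a query on token validity, then on the opt-out list."""
    if not verify_token(token):
        return "denied"
    if sha256_hex(normalize(query)) in OPTOUT_HASHES:
        return "suppressed"
    return "results"
```
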

The platform's privacy score in our methodology is tempered by the inherent opacity of any closed-source infrastructure claim. Users cannot fully verify zero-logging assertions, and Lurk acknowledges this directly in its FAQ: "You cannot fully verify this, and anyone who says otherwise is lying." The economic model (retaining no data minimizes legal attack surface and operational overhead) provides a plausible but not provable guarantee.

Supported assets & payments

Lurk accepts four cryptocurrencies for token purchases: Bitcoin (BTC), Ethereum (ETH), Monero (XMR), and Tether (USDT). Fiat is not directly accepted, though the reference to "Fiat" and "Cash" in aggregated directory data likely reflects indirect on-ramp flexibility rather than native support. Monero is explicitly positioned as the preferred option for users seeking maximum payment privacy, with the site noting that "Bitcoin leaves a trail" and chain analysis is effective against transparent ledgers.

Pricing is structured in three tiers. The Free tier requires no payment and permits five searches per day with email and IP query types only, basic threat data, and hidden passwords. Pro access, listed at €15 monthly under a "Founder's Lock", expands to 2,500 searches daily, reveals full credentials, unlocks all sources, includes API access, and supports JSON/CSV export. Elite at €25 monthly raises the cap to 10,000 searches, adds bulk CSV upload for batch queries, priority API queueing, and bulk export functionality. All payments are final; the no-refund policy is strict, justified by the irreversible nature of cryptocurrency transactions and the intentional absence of account infrastructure that would enable credit issuance.

Security & custody

Lurk is non-custodial in the sense that it holds no user funds, no personal data, and no query history. The custody model is architectural rather than financial: users retain full control of their access token, and the platform cannot freeze, revoke for political reasons, or hand over account contents because no accounts exist. Token revocation is technically possible for terms-of-service violations (prohibited activities include stalking, doxxing, credential stuffing, unauthorized penetration testing, automated scraping, and use from sanctioned jurisdictions), but the operator has no identity to associate with the token, so enforcement relies on behavioral detection rather than personal attribution.

Security features include Tor availability for users seeking additional network-layer anonymity, open-source components where applicable, and encrypted transit for all connections. The status page indicates operational monitoring for search API, breach intelligence, IP intelligence, threat intelligence, payment processing, and token validation subsystems. A single first-party session cookie stores only the hashed token during active sessions; no analytical, marketing, or third-party scripts are loaded. The platform's trust score reflects its newness and the natural difficulty of verifying infrastructure claims, though ScamAdviser data for the related lurk.org domain suggests a multi-year registration history and valid SSL configuration.

Who it's for, verdict

Lurk occupies a narrow but critical niche: professional-grade OSINT and threat intelligence for users who refuse identity verification. It is best suited to independent security researchers, red-team operators, journalists investigating data breaches, and privacy advocates who need breach correlation, IP reputation, and darknet monitoring without creating a discoverable paper trail. The tool is not a casual consumer product; the deliberate friction of token management, the irreversibility of lost access, and the technical nature of query outputs assume a competent, self-reliant user base.

The overall score of 8/10 reflects strong alignment with no-KYC principles, a well-documented privacy architecture, and practical utility, dragged down by the unavoidable trust assumptions of any closed system claiming zero logs. For users already comfortable with Monero and token-based access models, Lurk offers a compelling alternative to mainstream intelligence platforms that require email registration, log queries by default, and present ripe targets for legal compulsion. For those needing hand-holding, dispute resolution, or regulatory recourse, the same design choices that protect privacy will feel like unacceptable risk.