ThreatDrop

Suspicious email? Forward it. Get a verdict.

ThreatDrop detonates suspicious emails in isolated environments and returns structured evidence reports. No signup required for community access — just forward to submit@blackdome.ai.

Forward an EmailRead ThreatDrop Docs
Differentiator

Most email analysis tools tell you an attachment is bad. ThreatDrop shows you what it does — full detonation report with IOCs, behaviour analysis, and evidence you can act on.

$0
Free tier
$49
Pro monthly
Webhook
Analysis callbacks
JSON
Evidence reports

What Security Teams Get

ThreatDrop is designed for the real handoff from suspicious email to analyst workflow, ticket, or takedown action.

Submission History

List your own forwarded submissions with verdict, confidence, risk score, detonation status, and evidence links instead of relying on a one-off mailbox response.

Evidence Reports

Download structured JSON evidence containing normalized email content, detonations, abuse reports, and phone-report results for case files or downstream tooling.

Webhook Delivery

Trigger internal workflows when analysis completes by receiving an `analysis_complete` POST with verdict, confidence, detonation counts, and the evidence URL.

How ThreatDrop Works

The free and paid product tiers share the same intake path. The difference is what your team can do with the results.

1

Forward the message

Send the suspicious email to submit@blackdome.ai from Gmail, Outlook, Apple Mail, or your preferred client.

2

BlackDome analyzes

ThreatDrop extracts URLs, attachments, and indicators, then detonates suspicious assets in isolated environments.

3

Providers are notified

Confirmed phishing infrastructure and scam callback numbers are pushed into hosting-provider and carrier abuse workflows.

4

Your team consumes the evidence

Paid plans expose customer dashboards, APIs, webhooks, and downloadable evidence records tied to your own submissions.

Built For

Typical teams buying ThreatDrop Pro or Enterprise.

Internal SOC
Mailbox triage
IR Teams
Evidence-backed response
MSPs
Customer escalation
Brand Protection
Enterprise tier

Choose Your ThreatDrop Tier

Start with free forwarding, then upgrade when your team needs customer-visible evidence and automation.

Free

$0/mo

Community submission path for individuals and early evaluations.

  • Forward emails to submit@blackdome.ai
  • Basic verdict visibility
  • Public community impact
  • No API key required
Start Free
POPULAR

Pro

$49/mo

Customer API access, evidence JSON, and webhook-driven workflows.

  • Submission API access
  • Webhook notifications
  • Detailed evidence reports
  • Priority analysis queue
  • Phone number identification results
Start Pro

Enterprise

$499/mo

Dedicated analysis throughput with SLA-backed operations and brand monitoring.

  • Everything in Pro
  • SLA-backed support
  • Dedicated analysis lane
  • Brand monitoring included
  • 50K API requests/day
Start Enterprise

API Preview

What your first ThreatDrop automation can look like.

GET /api/threatdrop/submissions
GET /api/threatdrop/submissions/{id}
GET /api/threatdrop/submissions/{id}/evidence
POST webhook event: analysis_complete

ThreatDrop docs include forwarding instructions, webhook payload examples, and evidence-report structure.

Start with forwarding. Automate when the team needs it.

Forward suspicious mail for free, then turn the same intake path into dashboards, APIs, and webhooks when you need scale and repeatability.

Forward an EmailRead ThreatDrop Docs