mirror of
https://github.com/jaegeral/security-apis.git
synced 2024-10-01 05:05:45 -04:00
Merge pull request #14 from rus-cert/master
unofficial API endpoints for HIBP
This commit is contained in:
commit
167c451965
@ -33,7 +33,7 @@ API | Description | Auth | HTTPS | Link | Free / Commercial|
|
|||||||
| Flashpoint Intel | Threat Intel | `apiKey` | Yes | [Link!](https://www.flashpoint-intel.com/api/) |?|
|
| Flashpoint Intel | Threat Intel | `apiKey` | Yes | [Link!](https://www.flashpoint-intel.com/api/) |?|
|
||||||
| Flexera | Vuln Management | `apiKey` | Yes | [Link!](http://helpnet.flexerasoftware.com/svm/api/Default.htm) |?|
|
| Flexera | Vuln Management | `apiKey` | Yes | [Link!](http://helpnet.flexerasoftware.com/svm/api/Default.htm) |?|
|
||||||
| HackerOne | Query HackerOne reports | `apiKey` | Yes | [Link!](https://api.hackerone.com/docs/v1) |?|
|
| HackerOne | Query HackerOne reports | `apiKey` | Yes | [Link!](https://api.hackerone.com/docs/v1) |?|
|
||||||
| have i been pwned | - | `apiKey` | Yes | [Link!](https://haveibeenpwned.com/API/v2) |?|
|
| have i been pwned | [unofficial endpoints](apidocs/haveIBeenPwned.md) | `apiKey` | Yes | [Link!](https://haveibeenpwned.com/API/v2) |?|
|
||||||
| Hybrid Analysis | Online Sandbox | `none` | Yes | [Link!](https://www.hybrid-analysis.com/docs/api/v2) |Free|
|
| Hybrid Analysis | Online Sandbox | `none` | Yes | [Link!](https://www.hybrid-analysis.com/docs/api/v2) |Free|
|
||||||
| Malwr.com | Malware analysis | `apiKey` | Yes | [Link!](https://malwr.com/) |?|
|
| Malwr.com | Malware analysis | `apiKey` | Yes | [Link!](https://malwr.com/) |?|
|
||||||
| MAlshare | Malware Sharing | `apiKey` | Yes | [Link!](https://malshare.com/doc.php) |?|
|
| MAlshare | Malware Sharing | `apiKey` | Yes | [Link!](https://malshare.com/doc.php) |?|
|
||||||
|
20
apidocs/haveIBeenPwned.md
Normal file
20
apidocs/haveIBeenPwned.md
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
Unofficial API-Endpoints for HIBP
|
||||||
|
=================================
|
||||||
|
|
||||||
|
## DomainSearch
|
||||||
|
|
||||||
|
When using the [domain search feature](https://haveibeenpwned.com/DomainSearch) from HIBP you receive email
|
||||||
|
notifications with a token to get all breaches for all accounts within the domain.
|
||||||
|
|
||||||
|
Currently (April 2018), to get the search results for this token, the workflow and endpoints are:
|
||||||
|
|
||||||
|
* The token can be extracted from a link of the form `https://haveibeenpwned.com/DomainSearch/${token}`, which is contained in the mail from HIBP
|
||||||
|
* Trigger a mail with links to the search-result: `GET https://haveibeenpwned.com/api/multidomainsearch/${token}`
|
||||||
|
Response should be `"ReadyForVerificationToken"`
|
||||||
|
* In the new mail, look for a link of the form `https://haveibeenpwned.com/DomainSearch/${token}/json` and `GET` it. It contains the full result of your search in json format:
|
||||||
|
```
|
||||||
|
{
|
||||||
|
"BreachSearchResults": [ { DomainName: "...", Alias: "...", Breaches: [ <See breach model from https://haveibeenpwned.com/API/v2#BreachModel> ] }]
|
||||||
|
"PasteSearchResults": [ { DomainName: "...", Alias: "...", Pastes: [ <See paste model from https://haveibeenpwned.com/API/v2#PasteModel> ] }]
|
||||||
|
}
|
||||||
|
```
|
Loading…
Reference in New Issue
Block a user