A collective list of public APIs for use in security. Contributions welcome
security-apis
A collective list of public JSON APIs for use in security. https://alexanderjaeger.de
Index
Online
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
VirusTotal |
VirusTotal File/URL Analysis |
apiKey |
Yes |
Link! |
? |
Malwr.com |
Malware analysis |
apiKey |
Yes |
Link! |
? |
Bluecoat Site Review |
URL Analysis |
none |
Yes |
Link! |
Free |
FIRST.org |
Incident Response Teams API |
none |
Yes |
Link! |
? |
Alexa |
Alexa Top Sites |
apiKey |
Yes |
Link! |
? |
Certly |
Certly Guard |
apiKey |
Yes |
Link! |
? |
DShield |
Internet Storm Center API |
apiKey |
Yes |
Link! |
Free |
Cymon.io |
Open Threat Intel |
apiKey |
Yes |
Link! |
? |
Fireeye iSight |
Comercial Threat Intel |
apiKey |
Yes |
Link! |
Commercial |
Domaintools |
Comercial Threat Intel |
apiKey |
Yes |
Link! |
Commercial |
censys.io |
Free for Researchers Threat Intel |
apiKey |
Yes |
Link! |
? |
MAlshare |
Malware Sharing |
apiKey |
Yes |
Link! |
? |
Mac Vendor Lookup |
Threat Intel |
apiKey |
Yes |
Link! |
? |
MaxMind |
GeoIP and More |
apiKey |
Yes |
Link! |
? |
Qualys SSLLabs |
Test SSL and more |
apiKey |
Yes |
Link! |
? |
Farsight DNSDB Passive DNS |
Passive DNS and more |
apiKey |
Yes |
Link! |
? |
Passive Total |
Threat Intel |
apiKey |
Yes |
Link! |
? |
Team Cymru |
Threat Intel |
apiKey |
Yes |
Link! |
Both |
emergingthreats.net |
Domain / IP intelligence and reputation |
apiKey |
Yes |
Link! |
? |
Spamhaus |
Domain / IP intelligence and reputation |
? |
Yes |
Link! |
? |
Tools
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
Viper.li |
Viper malware repository API |
None |
No |
Link! |
OpenSource |
Cuckoo |
Cuckoo Sandbox |
apiKey |
Yes |
Link! |
OpenSource |
VMRay |
VMRay Sandbox |
apiKey |
Yes |
Link! |
? |
Cymetria Maze Runner |
- |
apiKey |
Yes |
Link! |
? |
Carbon Black |
Endpoint Security |
apiKey |
Yes |
Link! |
Commercial |
FireEye |
Endpoint Security |
apiKey |
Yes |
Link! |
? |
MISP |
Open Source Threat Intelligence Platform |
apiKey |
Yes |
Link! |
OpenSource |
Recorded Future |
Threat Intelligence Platform |
apiKey |
Yes |
Link! |
? |
OTRS |
Open Ticket Relay System |
apiKey |
Yes |
Link! |
? |
CRITS |
TI System |
apiKey |
Yes |
Link! |
? |
TheHive |
TI System |
apiKey |
Yes |
Link! |
Free |
GRR |
Endpoint Incident Response tool |
apiKey |
Yes |
Link! |
OpenSource |
SIEM
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
Splunk |
Splunk API |
None |
No |
Link! |
Commercial |
ArcSight |
HP ArcSight API |
None |
No |
Link! |
Commercial |
QRadar |
IBM QRadar API |
None |
No |
Link! |
Commercial |
ELK |
ELK Stack API |
None |
No |
Link! |
OpenSource |
Various
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
AlienVault Open Threat Exchange (OTX) |
IP/domain/URL reputation |
apiKey |
Yes |
Link! |
? |
Certly |
Certly Link/Domain Flagging |
apiKey |
Yes |
Link! |
? |
Google Safe Browsing |
Google Link/Domain Flagging |
apiKey |
Yes |
Link! |
? |
Metacert |
Metacert Link Flagging |
apiKey |
Yes |
Link! |
? |
VirusTotal |
VirusTotal File/URL Analysis |
apiKey |
Yes |
Link! |
Both |
Web Of Trust (WOT) |
Website reputation |
apiKey |
Yes |
Link! |
? |