A collective list of public APIs for use in security. Contributions welcome
security-apis
A collective list of public JSON APIs for use in security. https://alexanderjaeger.de
Index
Online
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
Alexa |
Alexa Top Sites |
apiKey |
Yes |
Link! |
? |
Bluecoat Site Review |
URL Analysis |
none |
Yes |
Link! |
Free |
censys.io |
Free for Researchers Threat Intel |
apiKey |
Yes |
Link! |
? |
Certly |
Certly Guard |
apiKey |
Yes |
Link! |
? |
CIRCL CVE Search |
CVE Search |
apiKey |
Yes |
Link! |
Free |
CrowdStrike API |
TI |
apiKey |
Yes |
[Link!](https://www.crowdstrike.com/blog/tech-center/get-access-crowdstrike-apis/ |
|
) |
NO |
|
|
|
|
Cymon.io |
Open Threat Intel |
apiKey |
Yes |
Link! |
? |
Domaintools |
Comercial Threat Intel |
apiKey |
Yes |
Link! |
Commercial |
DShield |
Internet Storm Center API |
apiKey |
Yes |
Link! |
Free |
emergingthreats.net |
Domain / IP intelligence and reputation |
apiKey |
Yes |
Link! |
? |
Farsight DNSDB Passive DNS |
Passive DNS and more |
apiKey |
Yes |
Link! |
? |
Fireeye iSight |
Comercial Threat Intel |
apiKey |
Yes |
Link! |
Commercial |
FIRST.org |
Incident Response Teams API |
none |
Yes |
Link! |
? |
have i been pwned |
- |
apiKey |
Yes |
[Link!](https://haveibeenpwned.com/API/v2 |
|
) |
? |
|
|
|
|
Hybrid Analysis |
Online Sandbox |
none |
Yes |
Link! |
Free |
Malwr.com |
Malware analysis |
apiKey |
Yes |
Link! |
? |
MAlshare |
Malware Sharing |
apiKey |
Yes |
Link! |
? |
Mac Vendor Lookup |
Threat Intel |
apiKey |
Yes |
Link! |
? |
MaxMind |
GeoIP and More |
apiKey |
Yes |
Link! |
? |
Passive Total |
Threat Intel |
apiKey |
Yes |
Link! |
? |
Pastebin |
|
apiKey |
Yes |
Link! |
? |
Qualys SSLLabs |
Test SSL and more |
apiKey |
Yes |
Link! |
? |
Spamhaus |
Domain / IP intelligence and reputation |
? |
Yes |
Link! |
? |
Team Cymru |
Threat Intel |
apiKey |
Yes |
Link! |
Both |
VirusTotal |
VirusTotal File/URL Analysis |
apiKey |
Yes |
Link! |
? |
Zoomeye |
CVE Search |
apiKey |
Yes |
Link! |
? |
Tools
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
Carbon Black |
Endpoint Security |
apiKey |
Yes |
Link! |
Commercial |
Cuckoo |
Cuckoo Sandbox |
apiKey |
Yes |
Link! |
OpenSource |
CRITS |
TI System |
apiKey |
Yes |
Link! |
? |
CrowdStrike falcon-orchestrator |
Orchestrator |
apiKey |
Yes |
Link! |
yes |
Cymetria Maze Runner |
- |
apiKey |
Yes |
Link! |
? |
FireEye |
Endpoint Security |
apiKey |
Yes |
Link! |
? |
GRR |
Endpoint Incident Response tool |
apiKey |
Yes |
Link! |
OpenSource |
Carbon Black |
Endpoint Security |
apiKey |
Yes |
Link! |
Commercial |
MISP |
Open Source Threat Intelligence Platform |
apiKey |
Yes |
Link! |
OpenSource |
Metadefender |
MultiAV |
apiKey |
Yes |
Link! |
Commercial |
OTRS |
Open Ticket Relay System |
apiKey |
Yes |
Link! |
? |
Plaso |
Plaso Langar Að Safna Öllu |
apiKey |
Yes |
Link! |
OpenSource |
Recorded Future |
Threat Intelligence Platform |
apiKey |
Yes |
Link! |
? |
Request Tracker |
Ticketing System |
apiKey |
Yes |
Link! |
? |
Scot |
SCOT - Sandia Cyber Omni Tracker Ticketing System |
apiKey |
Yes |
Link! |
Free |
TheHive |
TI System |
apiKey |
Yes |
Link! |
Free |
Viper.li |
Viper malware repository API |
None |
No |
Link! |
OpenSource |
VMRay |
VMRay Sandbox |
apiKey |
Yes |
Link! |
? |
SIEM
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
ArcSight |
HP ArcSight API |
None |
No |
Link! |
Commercial |
ELK |
ELK Stack API |
None |
No |
Link! |
OpenSource |
QRadar |
IBM QRadar API |
None |
No |
Link! |
Commercial |
Splunk |
Splunk API |
None |
No |
Link! |
Commercial |
Various
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
AlienVault Open Threat Exchange (OTX) |
IP/domain/URL reputation |
apiKey |
Yes |
Link! |
? |
Certly |
Certly Link/Domain Flagging |
apiKey |
Yes |
Link! |
? |
Cisco ISE |
ISE is an identity and access control policy platform |
apiKey |
Yes |
Link! |
? |
Cisco PXGrid |
Cisco Platform Exchange Grid |
apiKey |
Yes |
Link! |
? |
Cisco Security APIs |
Cisco Developer Page |
`` |
? |
Link! |
? |
Cisco Umbrella |
Cisco Umbrella Enforcement API |
apiKey |
Yes |
Link! |
? |
Cyphon |
Open Source INcident Management tool |
apiKey |
Yes |
Link! |
? |
Google Safe Browsing |
Google Link/Domain Flagging |
apiKey |
Yes |
Link! |
? |
Metacert |
Metacert Link Flagging |
apiKey |
Yes |
Link! |
? |
National Software Reference Library (NSRL) |
- |
apiKey |
Yes |
Link! |
? |
RSA Secure ID |
Metacert Link Flagging |
apiKey |
Yes |
Link! |
? |
Web Of Trust (WOT) |
Website reputation |
apiKey |
Yes |
Link! |
? |