mirror of
https://github.com/jaegeral/security-apis.git
synced 2024-10-01 09:05:45 +00:00
409bd1ab30
form check
98 lines
8.4 KiB
Markdown
98 lines
8.4 KiB
Markdown
# security-apis
|
|
A collective list of public JSON APIs for use in security. https://alexanderjaeger.de
|
|
|
|
# Index
|
|
* [Online](#online)
|
|
* [Tools](#tools)
|
|
* [SIEM](#siem)
|
|
* [Various](#various)
|
|
|
|
|
|
## Online
|
|
API | Description | Auth | HTTPS | Link | Free / Commercial|
|
|
|---|---|---|---|---|---|
|
|
| Apility.IO API | Threat Intelligence Anti-Abuse API | `apiKey` | Yes | [Link!](https://apidocs.apility.io/) |Free|
|
|
| Alexa | Alexa Top Sites | `apiKey` | Yes | [Link!](https://docs.aws.amazon.com/AlexaTopSites/latest/) |?|
|
|
| Bluecoat Site Review | URL Analysis | `none` | Yes | [Link!](https://sitereview.bluecoat.com/sitereview.jsp) |Free|
|
|
| bgpmon.net | Bgp monitoring | `?` | Yes | [Link!](https://bgpmon.net/bgpmon-web-services-api/) |?|
|
|
| censys.io | Free for Researchers Threat Intel | `apiKey` | Yes | [Link!](https://censys.io/api) |?|
|
|
| Certly | Certly Guard | `apiKey` | Yes | [Link!](https://guard.certly.io/) |?|
|
|
| CIRCL CVE Search | CVE Search | `apiKey` | Yes | [Link!](https://cve.circl.lu/api/) |Free|
|
|
| Cloidsploit | Vuln Scanner | `apiKey` | Yes | [Link!](https://cloudsploit.com/api) |Free|
|
|
| CrowdStrike API | TI | `apiKey` | Yes | [Link!](https://www.crowdstrike.com/blog/tech-center/get-access-crowdstrike-apis/) |NO|
|
|
| Cymon.io | Open Threat Intel | `apiKey` | Yes | [Link!](https://guard.certly.io/) |?|
|
|
| Cybergreen | How clean is a network | `apiKey` | Yes | [Link!](http://stats.cybergreen.net/download/) |?|
|
|
| DDosMon | DDos Monitoring | `apiKey` | Yes | [Link!](https://api.ddosmon.net/docs/) |?|
|
|
| Domaintools | Comercial Threat Intel | `apiKey` | Yes | [Link!](https://www.domaintools.com/products/api-integration/) |Commercial|
|
|
| DShield | Internet Storm Center API | `apiKey` | Yes | [Link!](https://www.dshield.org/api/) |Free|
|
|
| emergingthreats.net | Domain / IP intelligence and reputation | `apiKey` | Yes | [Link!](http://apidocs.emergingthreats.net/) |?|
|
|
| Farsight DNSDB Passive DNS | Passive DNS and more | `apiKey` | Yes | [Link!](https://api.dnsdb.info/) |?|
|
|
| Fireeye iSight | Comercial Threat Intel | `apiKey` | Yes | [Link!](https://docs.fireeye.com/iSight/index.html#/) |Commercial|
|
|
| FIRST.org | Incident Response Teams API | `none` | Yes | [Link!](https://api.first.org/) |?|
|
|
| Flashpoint Intel | Threat Intel | `apiKey` | Yes | [Link!](https://www.flashpoint-intel.com/api/) |?|
|
|
| Flexera | Vuln Management | `apiKey` | Yes | [Link!](http://helpnet.flexerasoftware.com/svm/api/Default.htm) |?|
|
|
| HackerOne | Query HackerOne reports | `apiKey` | Yes | [Link!](https://api.hackerone.com/docs/v1) |?|
|
|
| have i been pwned | - | `apiKey` | Yes | [Link!](https://haveibeenpwned.com/API/v2) |?|
|
|
| Hybrid Analysis | Online Sandbox | `none` | Yes | [Link!](https://www.hybrid-analysis.com/apikeys/info) |Free|
|
|
| Malwr.com | Malware analysis | `apiKey` | Yes | [Link!](https://malwr.com/) |?|
|
|
| MAlshare | Malware Sharing | `apiKey` | Yes | [Link!](https://malshare.com/doc.php) |?|
|
|
| Mac Vendor Lookup | Threat Intel | `apiKey` | Yes | [Link!](https://macvendors.com/api) |?|
|
|
| MaxMind | GeoIP and More | `apiKey` | Yes | [Link!](https://dev.maxmind.com/) |?|
|
|
| NeutrinoAPI | IP Blocklist API | `apiKey` | Yes | [Link!](https://www.neutrinoapi.com/api/ip-blocklist/) |?|
|
|
| Passive Total | Threat Intel | `apiKey` | Yes | [Link!](https://api.passivetotal.org/api/docs/) |?|
|
|
| Pastebin | | `apiKey` | Yes | [Link!](https://pastebin.com/api) |?|
|
|
| Qualys SSLLabs | Test SSL and more | `apiKey` | Yes | [Link!](https://www.ssllabs.com/projects/ssllabs-apis/) |?|
|
|
| Spamhaus | Domain / IP intelligence and reputation | `?` | Yes | [Link!](https://www.spamhaus.org/zen/) |?|
|
|
| Tenable | ? | `?` | Yes | [Link!](https://cloud.tenable.com/api#/overview) |?|
|
|
| Team Cymru | Threat Intel | `apiKey` | Yes | [Link!](http://www.team-cymru.org/services.html) |Both|
|
|
| VirusTotal | VirusTotal File/URL Analysis | `apiKey` | Yes | [Link!](https://www.virustotal.com/en/documentation/public-api/) |?|
|
|
| Zoomeye | CVE Search | `apiKey` | Yes | [Link!](https://www.zoomeye.org/api) |?|
|
|
|
|
## Tools
|
|
|
|
API | Description | Auth | HTTPS | Link | Free / Commercial|
|
|
|---|---|---|---|---|---|
|
|
| Carbon Black | Endpoint Security | `apiKey` | Yes | [Link!](https://github.com/carbonblack/cbapi) |Commercial|
|
|
| Cuckoo | Cuckoo Sandbox | `apiKey` | Yes | [Link!](https://malwr.com/) |OpenSource|
|
|
| CRITS | TI System | `apiKey` | Yes | [Link!](https://github.com/crits/crits/wiki/Authenticated-API) |?|
|
|
| CrowdStrike falcon-orchestrator | Orchestrator | `apiKey` | Yes | [Link!](https://github.com/CrowdStrike/falcon-orchestrator/wiki/Installation-&-Deployment) |yes|
|
|
| Cymetria Maze Runner | - | `apiKey` | Yes | [Link!](https://community.cymmetria.com/api/sdk.pdf) |?|
|
|
| FireEye | Endpoint Security | `apiKey` | Yes | [Link!](https://docs.fireeye.com/) |?|
|
|
| GRR | Endpoint Incident Response tool | `apiKey` | Yes | [Link!](http://grr-doc.readthedocs.io/en/v3.2.0/investigating-with-grr/automation-with-api.html) |OpenSource|
|
|
| Carbon Black | Endpoint Security | `apiKey` | Yes | [Link!](https://github.com/carbonblack/cbapi) |Commercial|
|
|
| MISP | Open Source Threat Intelligence Platform | `apiKey` | Yes | [Link!](https://www.circl.lu/doc/misp/automation/) |OpenSource|
|
|
| Metadefender | MultiAV | `apiKey` | Yes | [Link!](https://www.opswat.com/products/metadefender/developers/apis) |Commercial|
|
|
| Metasploit | Exploiting | `apiKey` | Yes | [Link!](http://rapid7.github.io/metasploit-framework/api/) |Commercial|
|
|
| OTRS | Open Ticket Relay System | `apiKey` | Yes | [Link!](https://doc.otrs.com/doc/api/otrs/6.0/Perl/index.html) |?|
|
|
| Plaso | Plaso Langar Að Safna Öllu | `apiKey` | Yes | [Link!](https://readthedocs.org/projects/plaso-api/) |OpenSource|
|
|
| Recorded Future | Threat Intelligence Platform | `apiKey` | Yes | [Link!](https://www.circl.lu/doc/misp/automation/) |?|
|
|
| Request Tracker | Ticketing System | `apiKey` | Yes | [Link!](https://rt-wiki.bestpractical.com/wiki/REST) |?|
|
|
| Scot | SCOT - Sandia Cyber Omni Tracker Ticketing System | `apiKey` | Yes | [Link!](http://scot.readthedocs.io/en/latest/devguide.html#scot-rest-api) |Free|
|
|
| TheHive | TI System | `apiKey` | Yes | [Link!](https://blog.thehive-project.org/tag/api/) |Free|
|
|
| Viper.li | Viper malware repository API | `None` | No | [Link!](http://viper-framework.readthedocs.io/en/latest/usage/web.html) |OpenSource|
|
|
| VMRay | VMRay Sandbox | `apiKey` | Yes | [Link!](https://www.vmray.com/blog/v-1-9-api-now-restjson/) |?|
|
|
|
|
## SIEM
|
|
API | Description | Auth | HTTPS | Link | Free / Commercial|
|
|
|---|---|---|---|---|---|
|
|
| ArcSight | HP ArcSight API | `None` | No | [Link!](https://h41382.www4.hpe.com/gfs-shared/downloads-273.pdf) |Commercial|
|
|
| ELK | ELK Stack API | `None` | No | [Link!](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs.html) |OpenSource|
|
|
| QRadar | IBM QRadar API | `None` | No | [Link!](https://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.qradar.doc_cloud/c_rest_api_getting_started.html) |Commercial|
|
|
| Splunk | Splunk API | `None` | No | [Link!](http://dev.splunk.com/restapi) |Commercial|
|
|
|
|
### Various
|
|
API | Description | Auth | HTTPS | Link |Free / Commercial|
|
|
|---|---|---|---|---|---|
|
|
| AlienVault Open Threat Exchange (OTX) | IP/domain/URL reputation | `apiKey` | Yes | [Link!](https://otx.alienvault.com/api/) |?|
|
|
| Certly | Certly Link/Domain Flagging | `apiKey` | Yes | [Link!](https://guard.certly.io/) |?|
|
|
| Cisco ISE | ISE is an identity and access control policy platform | `apiKey` | Yes | [Link!](https://www.cisco.com/c/en/us/support/security/identity-services-engine/products-command-reference-list.html) |?|
|
|
| Cisco PXGrid | Cisco Platform Exchange Grid | `apiKey` | Yes | [Link!](https://developer.cisco.com/site/pxgrid/) |?|
|
|
| Cisco Security APIs | Cisco Developer Page | `` | ? | [Link!](https://developer.cisco.com/site/security/) |?|
|
|
| Cisco Umbrella | Cisco Umbrella Enforcement API | `apiKey` | Yes | [Link!](https://docs.umbrella.com/developer/enforcement-api/) |?|
|
|
| Cyphon | Open Source INcident Management tool | `apiKey` | Yes | [Link!](http://cyphon.readthedocs.io/en/latest/api.html) |?|
|
|
| Google Safe Browsing | Google Link/Domain Flagging | `apiKey` | Yes | [Link!](https://developers.google.com/safe-browsing/) |?|
|
|
| Metacert | Metacert Link Flagging | `apiKey` | Yes | [Link!](https://metacert.com/) |?|
|
|
| National Software Reference Library (NSRL) | - | `apiKey` | Yes | [Link!](https://github.com/bsi-group/nsrls) |?|
|
|
| RSA Secure ID | Metacert Link Flagging | `apiKey` | Yes | [Link!]( https://community.rsa.com/docs/DOC-75741) |?|
|
|
| Web Of Trust (WOT) | Website reputation | `apiKey` | Yes | [Link!](https://www.mywot.com/wiki/API) |?|
|