A collective list of public APIs for use in security. Contributions welcome
security-apis
A collective list of public JSON APIs for use in security. https://alexanderjaeger.de
Learn about REST: https://github.com/marmelab/awesome-rest
Index
Online
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
Apility.IO API |
Threat Intelligence Anti-Abuse API |
apiKey |
Yes |
Link! |
Free |
Alexa |
Alexa Top Sites |
apiKey |
Yes |
Link! |
? |
Bluecoat Site Review |
URL Analysis |
none |
Yes |
Link! |
Free |
bgpmon.net |
Bgp monitoring |
? |
Yes |
Link! |
? |
censys.io |
Free for Researchers Threat Intel |
apiKey |
Yes |
Link! |
? |
Certly |
Certly Guard |
apiKey |
Yes |
Link! |
? |
CIRCL CVE Search |
CVE Search |
none |
Yes |
Link! |
Free |
Cloidsploit |
Vuln Scanner |
apiKey |
Yes |
Link! |
Free |
CrowdStrike API |
TI |
apiKey |
Yes |
Link! |
NO |
Cymon.io |
Open Threat Intel |
apiKey |
Yes |
Link! |
? |
Cybergreen |
How clean is a network |
apiKey |
Yes |
Link! |
? |
DDosMon |
DDos Monitoring |
apiKey |
Yes |
Link! |
? |
Domaintools |
Commercial Threat Intel |
apiKey |
Yes |
Link! |
Commercial |
DShield |
Internet Storm Center API |
apiKey |
Yes |
Link! |
Free |
emergingthreats.net |
Domain / IP intelligence and reputation |
apiKey |
Yes |
Link! |
? |
Farsight DNSDB Passive DNS |
Passive DNS and more |
apiKey |
Yes |
Link! |
? |
Fireeye iSight |
Commercial Threat Intel |
apiKey |
Yes |
Link! |
Commercial |
FIRST.org |
Incident Response Teams API |
none |
Yes |
Link! |
? |
Flashpoint Intel |
Threat Intel |
apiKey |
Yes |
Link! |
? |
Flexera |
Vuln Management |
apiKey |
Yes |
Link! |
? |
HackerOne |
Query HackerOne reports |
apiKey |
Yes |
Link! |
? |
have i been pwned |
unofficial endpoints |
apiKey |
Yes |
Link! |
? |
Hybrid Analysis |
Online Sandbox |
none |
Yes |
Link! |
Free |
Malwr.com |
Malware analysis |
apiKey |
Yes |
Link! |
? |
MAlshare |
Malware Sharing |
apiKey |
Yes |
Link! |
? |
Mac Vendor Lookup |
Threat Intel |
apiKey |
Yes |
Link! |
? |
MaxMind |
GeoIP and More |
apiKey |
Yes |
Link! |
? |
NeutrinoAPI |
IP Blocklist API |
apiKey |
Yes |
Link! |
? |
Passive Total |
Threat Intel |
apiKey |
Yes |
Link! |
? |
Pastebin |
|
apiKey |
Yes |
Link! |
? |
Qualys SSLLabs |
Test SSL and more |
apiKey |
Yes |
Link! |
? |
Spamhaus |
Domain / IP intelligence and reputation |
? |
Yes |
Link! |
? |
Shadowserver Sandbox API |
Sandbox |
? |
Yes |
Link! |
Free |
Shadowserver Bintest API |
This server provides a lookup mechanism to test an executable file against a list of known software applications. |
? |
Yes |
Link! |
Free |
Shadowserver IP-BGP API |
Mapping IP numbers to BGP prefixes and ASNs |
? |
Yes |
Link! |
Free |
Tenable |
? |
? |
Yes |
Link! |
? |
Team Cymru |
Threat Intel |
apiKey |
Yes |
Link! |
Both |
VirusTotal |
VirusTotal File/URL Analysis |
apiKey |
Yes |
Link! |
? |
vulners |
vulners Vuln Database |
apiKey |
Yes |
Link! |
? |
whoisxmlapi.com |
Whois APIs |
apiKey |
Yes |
Link! |
Commercial |
Zoomeye |
CVE Search |
apiKey |
Yes |
Link! |
? |
Tools
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
Carbon Black |
Endpoint Security |
apiKey |
Yes |
Link! |
Commercial |
Cuckoo |
Cuckoo Sandbox |
apiKey |
Yes |
Link! |
OpenSource |
CRITS |
TI System |
apiKey |
Yes |
Link! |
? |
CrowdStrike falcon-orchestrator |
Orchestrator |
apiKey |
Yes |
Link! |
yes |
Cymetria Maze Runner |
- |
apiKey |
Yes |
Link! |
? |
emlrender |
EML file rendering tool |
password |
Yes |
Link! |
OpenSource |
FireEye |
Endpoint Security |
apiKey |
Yes |
Link! |
? |
GRR |
Endpoint Incident Response tool |
apiKey |
Yes |
Link! |
OpenSource |
Kolide Fleet |
osQuery fleet management |
? |
Yes |
Link! |
OpenSource |
Lastline |
Lastline Enterprise |
ApiKey |
Yes |
Link! |
Commercial |
MISP |
Open Source Threat Intelligence Platform |
apiKey |
Yes |
Link! |
OpenSource |
Metadefender |
MultiAV |
apiKey |
Yes |
Link! |
Commercial |
Metasploit |
Exploiting |
apiKey |
Yes |
Link! |
Commercial |
OTRS |
Open Ticket Relay System |
apiKey |
Yes |
Link! |
? |
Plaso |
Plaso Langar Að Safna Öllu |
apiKey |
Yes |
Link! |
OpenSource |
Recorded Future |
Threat Intelligence Platform |
apiKey |
Yes |
Link! |
? |
Request Tracker |
Ticketing System |
apiKey |
Yes |
Link! |
? |
Scot |
SCOT - Sandia Cyber Omni Tracker Ticketing System |
apiKey |
Yes |
Link! |
Free |
TheHive |
Security Incident Response Platform |
apiKey |
Yes |
Link! |
Free |
Viper.li |
Viper malware repository API |
apiKey |
Yes |
Link! |
OpenSource |
VMRay |
VMRay Sandbox |
apiKey |
Yes |
Link! |
? |
SIEM
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
ArcSight |
HP ArcSight API |
None |
No |
Link! |
Commercial |
AlienVault |
AlienVault API |
Yes |
Yes |
Link! |
Commercial |
ELK |
ELK Stack API |
None |
No |
Link! |
OpenSource |
Gravwell |
Gravwell API |
Yes |
Yes |
Link! |
Community / Commercial |
Humio |
Humio API |
Yes |
Yes |
Link! |
Community / Commercial |
QRadar |
IBM QRadar API |
None |
No |
Link! |
Commercial |
Splunk |
Splunk API |
None |
No |
Link! |
Commercial |
Various
API |
Description |
Auth |
HTTPS |
Link |
Free / Commercial |
AlienVault Open Threat Exchange (OTX) |
IP/domain/URL reputation |
apiKey |
Yes |
Link! |
? |
Certly |
Certly Link/Domain Flagging |
apiKey |
Yes |
Link! |
? |
Cisco ISE |
ISE is an identity and access control policy platform |
apiKey |
Yes |
Link! |
? |
Cisco PXGrid |
Cisco Platform Exchange Grid |
apiKey |
Yes |
Link! |
? |
Cisco Security APIs |
Cisco Developer Page |
`` |
? |
Link! |
? |
Cisco Umbrella |
Cisco Umbrella Enforcement API |
apiKey |
Yes |
Link! |
? |
Cyphon |
Open Source INcident Management tool |
apiKey |
Yes |
Link! |
? |
Google Safe Browsing |
Google Link/Domain Flagging |
apiKey |
Yes |
Link! |
? |
Metacert |
Metacert Link Flagging |
apiKey |
Yes |
Link! |
? |
National Software Reference Library (NSRL) |
- |
apiKey |
Yes |
Link! |
? |
PaloAlto |
PaloAlto FW API |
Yes |
Yes |
Link! |
Commercial |
RSA Secure ID |
Metacert Link Flagging |
apiKey |
Yes |
Link! |
? |
ServiceNow |
ServiceNow API |
apiKey |
Yes |
Link! |
Commercial |
Web Of Trust (WOT) |
Website reputation |
apiKey |
Yes |
Link! |
? |