mirror of
https://github.com/jaegeral/security-apis.git
synced 2024-10-01 05:05:45 -04:00
A collective list of public APIs for use in security. Contributions welcome
f3b98e824a
Add the Pulsedive API. Pulsedive is a free threat intelligence platform with a ton of data on millions of IOCs from over 50 open source threat intelligence feeds. Search across WHOIS data, SSL cert info, DNS records, HTTP headers, meta tags, web technologies, and much more. |
||
|---|---|---|
| apidocs | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
awesome-security-apis
A collective awesome list of public (JSON) APIs for use in security.
The list ist supported by https://alexanderjaeger.de
Learn about REST: https://github.com/marmelab/awesome-rest
Thanks to all contributors, you're awesome and wouldn't be possible without you! The goal is to build a categorized community-driven collection of APIs relevant for security people.
Index
Online
| API | Description | Auth | HTTPS | Link | Free / Commercial |
|---|---|---|---|---|---|
| Apility.IO API | Threat Intelligence Anti-Abuse API | apiKey |
Yes | Link! | Free |
| Alexa | Alexa Top Sites | apiKey |
Yes | Link! | ? |
| Bluecoat Site Review | URL Analysis | none |
Yes | Link! | Free |
| bgpmon.net | Bgp monitoring | ? |
Yes | Link! | ? |
| censys.io | Free for Researchers Threat Intel | apiKey |
Yes | Link! | ? |
| Certly | Certly Guard | apiKey |
Yes | Link! | ? |
| CIRCL CVE Search | CVE Search | none |
Yes | Link! | Free |
| Cloidsploit | Vuln Scanner | apiKey |
Yes | Link! | Free |
| CrowdStrike API | TI | apiKey |
Yes | Link! | NO |
| Cymon.io | Open Threat Intel | apiKey |
Yes | Link! | ? |
| Cybergreen | How clean is a network | apiKey |
Yes | Link! | ? |
| DDosMon | DDos Monitoring | apiKey |
Yes | Link! | ? |
| Domaintools | Commercial Threat Intel | apiKey |
Yes | Link! | Commercial |
| DShield | Internet Storm Center API | apiKey |
Yes | Link! | Free |
| emergingthreats.net | Domain / IP intelligence and reputation | apiKey |
Yes | Link! | ? |
| Farsight DNSDB Passive DNS | Passive DNS and more | apiKey |
Yes | Link! | ? |
| Fireeye iSight | Commercial Threat Intel | apiKey |
Yes | Link! | Commercial |
| FIRST.org | Incident Response Teams API | none |
Yes | Link! | ? |
| Flashpoint Intel | Threat Intel | apiKey |
Yes | Link! | ? |
| Flexera | Vuln Management | apiKey |
Yes | Link! | ? |
| GreyNoise | GreyNoise is a system that collects and analyzes data on Internet-wide scanners. | apiKey |
Yes | Link! | Commercial |
| HackerOne | Query HackerOne reports | apiKey |
Yes | Link! | ? |
| have i been pwned | unofficial endpoints | apiKey |
Yes | Link! | ? |
| Hybrid Analysis | Online Sandbox | none |
Yes | Link! | Free |
| Malwr.com | Malware analysis | apiKey |
Yes | Link! | ? |
| MAlshare | Malware Sharing | apiKey |
Yes | Link! | ? |
| Mac Vendor Lookup | Threat Intel | apiKey |
Yes | Link! | ? |
| MaxMind | GeoIP and More | apiKey |
Yes | Link! | ? |
| NeutrinoAPI | IP Blocklist API | apiKey |
Yes | Link! | ? |
| Passive Total | Threat Intel | apiKey |
Yes | Link! | ? |
| Pastebin | apiKey |
Yes | Link! | ? | |
| Phishtank | ? |
Yes | Link! | ? | |
| Pulsedive | Free threat intelligence platform ingesting over 50 OSINT feeds and user submissions. | apiKey |
Yes | Link! | Both |
| Qualys SSLLabs | Test SSL and more | apiKey |
Yes | Link! | ? |
| Spamhaus | Domain / IP intelligence and reputation | ? |
Yes | Link! | ? |
| Shadowserver Sandbox API | Sandbox | ? |
Yes | Link! | Free |
| Shadowserver Bintest API | This server provides a lookup mechanism to test an executable file against a list of known software applications. | ? |
Yes | Link! | Free |
| Shadowserver IP-BGP API | Mapping IP numbers to BGP prefixes and ASNs | ? |
Yes | Link! | Free |
| Tenable | ? | ? |
Yes | Link! | ? |
| Team Cymru | Threat Intel | apiKey |
Yes | Link! | Both |
| VirusTotal | VirusTotal File/URL Analysis | apiKey |
Yes | Link! | ? |
| vulners | vulners Vuln Database | apiKey |
Yes | Link! | ? |
| whoisxmlapi.com | Whois APIs | apiKey |
Yes | Link! | Commercial |
| Zoomeye | CVE Search | apiKey |
Yes | Link! | ? |
Tools
| API | Description | Auth | HTTPS | Link | Free / Commercial |
|---|---|---|---|---|---|
| Carbon Black | Endpoint Security | apiKey |
Yes | Link! | Commercial |
| Cuckoo | Cuckoo Sandbox | apiKey |
Yes | Link! | OpenSource |
| CRITS | TI System | apiKey |
Yes | Link! | ? |
| CrowdStrike falcon-orchestrator | Orchestrator | apiKey |
Yes | Link! | yes |
| Cymetria Maze Runner | - | apiKey |
Yes | Link! | ? |
| emlrender | EML file rendering tool | password |
Yes | Link! | OpenSource |
| FireEye | Endpoint Security | apiKey |
Yes | Link! | ? |
| GRR | Endpoint Incident Response tool | apiKey |
Yes | Link! | OpenSource |
| Kolide Fleet | osQuery fleet management | ? |
Yes | Link! | OpenSource |
| Lastline | Lastline Enterprise | ApiKey |
Yes | Link! | Commercial |
| logdissect | CLI utility and Python API for analyzing log files and other data. | ? |
Yes | Link! | OpenSource |
| MISP | Open Source Threat Intelligence Platform | apiKey |
Yes | Link! | OpenSource |
| Metadefender | MultiAV | apiKey |
Yes | Link! | Commercial |
| Metasploit | Exploiting | apiKey |
Yes | Link! | Commercial |
| Moloch | Moloch is an open source, large scale, full packet capturing, indexing, and database system. | ? |
Yes | Link! | OpenSource |
| OTRS | Open Ticket Relay System | apiKey |
Yes | Link! | ? |
| Plaso | Plaso Langar Að Safna Öllu | apiKey |
Yes | Link! | OpenSource |
| Recorded Future | Threat Intelligence Platform | apiKey |
Yes | Link! | ? |
| Request Tracker | Ticketing System | apiKey |
Yes | Link! | ? |
| Scot | SCOT - Sandia Cyber Omni Tracker Ticketing System | apiKey |
Yes | Link! | Free |
| TheHive | Security Incident Response Platform | apiKey |
Yes | Link! | Free |
| Viper.li | Viper malware repository API | apiKey |
Yes | Link! | OpenSource |
| VMRay | VMRay Sandbox | apiKey |
Yes | Link! | ? |
SIEM
| API | Description | Auth | HTTPS | Link | Free / Commercial |
|---|---|---|---|---|---|
| ArcSight | HP ArcSight API | None |
No |
Link! | Commercial |
| AlienVault | AlienVault API | Yes |
Yes |
Link! | Commercial |
| ELK | ELK Stack API | None |
No |
Link! | OpenSource |
| Gravwell | Gravwell API | Yes |
Yes |
Link! | Community / Commercial |
| Humio | Humio API | Yes |
Yes |
Link! | Community / Commercial |
| QRadar | IBM QRadar API | None |
No |
Link! | Commercial |
| Splunk | Splunk API | None |
No |
Link! | Commercial |
Various
| API | Description | Auth | HTTPS | Link | Free / Commercial |
|---|---|---|---|---|---|
| AlienVault Open Threat Exchange (OTX) | IP/domain/URL reputation | apiKey |
Yes | Link! | ? |
| Certly | Certly Link/Domain Flagging | apiKey |
Yes | Link! | ? |
| Cisco ISE | ISE is an identity and access control policy platform | apiKey |
Yes | Link! | ? |
| Cisco PXGrid | Cisco Platform Exchange Grid | apiKey |
Yes | Link! | ? |
| Cisco Security APIs | Cisco Developer Page | `` | ? | Link! | ? |
| Cisco Umbrella | Cisco Umbrella Enforcement API | apiKey |
Yes | Link! | ? |
| Cyphon | Open Source INcident Management tool | apiKey |
Yes | Link! | ? |
| Google Safe Browsing | Google Link/Domain Flagging | apiKey |
Yes | Link! | ? |
| Metacert | Metacert Link Flagging | apiKey |
Yes | Link! | ? |
| National Software Reference Library (NSRL) | - | apiKey |
Yes | Link! | ? |
| PaloAlto | PaloAlto FW API | Yes |
Yes |
Link! | Commercial |
| RSA Secure ID | Metacert Link Flagging | apiKey |
Yes | Link! | ? |
| ServiceNow | ServiceNow API | apiKey |
Yes |
Link! | Commercial |
| Web Of Trust (WOT) | Website reputation | apiKey |
Yes | Link! | ? |