Awesome Security APIs – Cyber Security News Aggregator

A collective awesome list of public (JSON) APIs for use in security.
The list is supported by https://alexanderjaeger.de
Learn about REST: https://github.com/marmelab/awesome-rest

Sample API used by hendryadrian.com >> https://www.hendryadrian.com/ransom/all.php

API	Description	Auth	HTTPS	Link	Free / Commercial
Alexa	Alexa Top Sites	`apiKey`	Yes	Link!	?
ANY.RUN	Interactive malware analysis service.	`apiKey`	Yes	Link!	Both, API commercial only
BinaryEdge.io	Search Engine for internet connected devices and Honeypot Network	`apiKey`	Yes	Link!	Free/Commercial
CriminalIP.io	Search Engine for internet connected devices	`apiKey`	Yes	Link!	Free/Commercial
Bluecoat Site Review	URL Analysis	`none`	Yes	Link!	Free
bgpmon.net	Bgp monitoring	`?`	Yes	Link!	?
caprivacy.github.io	California Privacy Directory	None	Yes	Link!	?
censys.io	Free for Researchers Threat Intel	`apiKey`	Yes	Link!	?
CIRCL CVE Search	CVE Search	`none`	Yes	Link!	Free
CIRCL hashlookup	File hash lookup	`none`	Yes	Link!	Free
CIRCL Passive SSH	Passive SSH	`ApiKey`	Yes	Link!	Free for security teams
Cloidsploit	Vuln Scanner	`apiKey`	Yes	Link!	Free
CrowdStrike API	TI	`apiKey`	Yes	Link!	NO
CVEAPI	API for CVE data	`none`	Yes	Link!	Free
Cymon.io	Open Threat Intel	`apiKey`	Yes	Link!	?
Cybergreen	How clean is a network	`apiKey`	Yes	Link!	?
CyCAT.org	The Cybersecurity Resource Catalogue public API services.	`none`	Yes	Link!	Free – OpenAPI
Domaintools	Commercial Threat Intel	`apiKey`	Yes	Link!	Commercial
Dragos WorldView	ICS Threat Intelligence	`apiKey`	Yes	Link!	Commercial
DShield	Internet Storm Center API	`apiKey`	Yes	Link!	Free
EmailRep	Free API to query email reputation and report malicious senders	none	Yes	Link!	Free
emergingthreats.net	Domain / IP intelligence and reputation	`apiKey`	Yes	Link!	?
Farsight DNSDB Passive DNS	Passive DNS and more	`apiKey`	Yes	Link!	?
Fireeye iSight	Commercial Threat Intel	`apiKey`	Yes	Link!	Commercial
FIRST.org	Incident Response Teams API	`none`	Yes	Link!	?
Flashpoint Intel	Threat Intel	`apiKey`	Yes	Link!	?
Flexera	Vuln Management	`apiKey`	Yes	Link!	?
GreyNoise	GreyNoise is a system that collects and analyzes data on Internet-wide scanners.	`apiKey`	Yes	Link!	Free/Commercial
HackerOne	Query HackerOne reports	`apiKey`	Yes	Link!	?
have i been pwned	unofficial endpoints	`apiKey`	Yes	Link!	?
Hybrid Analysis	Online Sandbox	`none`	Yes	Link!	Free
IP ASN History (D4 Project – CIRCL)	IP and BGP intelligence	`none`	Yes	Link!	Free
MAlshare	Malware Sharing	`apiKey`	Yes	Link!	?
Mac Vendor Lookup	Threat Intel	`apiKey`	Yes	Link!	?
MAC address API	Threat Intel	`apiKey`	Yes	Link!	Commercial
Malpedia	Curated list of malware	`apiKey`	Yes	Link!	Free
MalwareBazaar	Malware Sharing Service	`apiKey`	Yes	Link!	Free (CCO)
MaxMind	GeoIP and More	`apiKey`	Yes	Link!	?
Microsoft Security Response Center API	Programmatic interfaces to engage with the Microsoft Security Response Center (MSRC)	`None`	Yes	Link!	Free
MWDB	The MWDB system (also known as the “Malware Database”) is a repository for storing malware samples and information acquired during their analysis	`apiKey`	Yes	Link!	Free
NeutrinoAPI	IP Blocklist API	`apiKey`	Yes	Link!	?
Onyphe	Search Engine for internet connected devices	`apiKey`	Yes	Link!	Free/Commercial
ORKL.eu	Search Engine for intel reports	`apiKey`	Yes	Link!	Free (API rate limited)
Passive Total	Threat Intel	`apiKey`	Yes	Link!	?
Pastebin		`apiKey`	Yes	Link!	?
Phishtank		`?`	Yes	Link!	?
Pulsedive	Free threat intelligence platform ingesting over 50 OSINT feeds and user submissions.	`apiKey`	Yes	Link!	Both
Qualys SSLLabs	Test SSL and more	`apiKey`	Yes	Link!	?
Spamhaus	Domain / IP intelligence and reputation	`?`	Yes	Link!	?
Shadowserver Sandbox API	Sandbox	`?`	Yes	Link!	Free
Shadowserver Bintest API	This server provides a lookup mechanism to test an executable file against a list of known software applications.	`?`	Yes	Link!	Free
Shadowserver IP-BGP API	Mapping IP numbers to BGP prefixes and ASNs	`?`	Yes	Link!	Free
Shodan.io	Search Engine for internet connected devices	`apiKey`	Yes	Link!	Free/Commercial
StalkPhish.io	Phishing/brand impersonation detection feed	`apiKey`	Yes	Link!	Free/Commercial
Tenable	?	`?`	Yes	Link!	?
Team Cymru	Threat Intel	`apiKey`	Yes	Link!	Both
ThreatConnect	Threat Intel / SOC platform	`apiKey`	Yes	Link!	Commercial
URLhaus	abuse.ch API	`apiKey`	Yes	Link!	Free
urlscan.io	Online tool to scan URLs	`apiKey`	Yes	Link!	Free
Valhalla	Online repository of curated yara rules	`apiKey`	Yes	Link!	Commercial
VirusTotal	VirusTotal File/URL Analysis	`apiKey`	Yes	Link!	?
vulners	vulners Vuln Database	`apiKey`	Yes	Link!	?
whoisxmlapi.com	Whois APIs	`apiKey`	Yes	Link!	Commercial
Zoomeye	Search Engine for internet connected devices	`apiKey`	Yes	Link!	Both

Tools

API	Description	Auth	HTTPS	Link	Free / Commercial
Carbon Black	Endpoint Security	`apiKey`	Yes	Link!	Commercial
Cuckoo	Cuckoo Sandbox	`apiKey`	Yes	Link!	OpenSource
CRITS	TI System	`apiKey`	Yes	Link!	?
CrowdStrike falcon-orchestrator	Orchestrator	`apiKey`	Yes	Link!	yes
emlrender	EML file rendering tool	`password`	Yes	Link!	OpenSource
FireEye	Endpoint Security	`apiKey`	Yes	Link!	?
GRR	Endpoint Incident Response tool	`apiKey`	Yes	Link!	OpenSource
Kolide Fleet	osQuery fleet management	`?`	Yes	Link!	OpenSource
Lastline	Lastline Enterprise	`ApiKey`	Yes	Link!	Commercial
logdissect	CLI utility and Python API for analyzing log files and other data.	`?`	Yes	Link!	OpenSource
MISP	Open Source Threat Intelligence Platform	`apiKey`	Yes	Link!	OpenSource
Metadefender	MultiAV	`apiKey`	Yes	Link!	Commercial
Metasploit	Exploiting	`apiKey`	Yes	Link!	Commercial
Moloch	Moloch is an open source, large scale, full packet capturing, indexing, and database system.	`?`	Yes	Link!	OpenSource
OTRS	Open Ticket Relay System	`apiKey`	Yes	Link!	?
Plaso	Plaso Langar Að Safna Öllu	`apiKey`	Yes	Link!	OpenSource
Recorded Future	Threat Intelligence Platform	`apiKey`	Yes	Link!	?
Request Tracker	Ticketing System	`apiKey`	Yes	Link! REST2	?
Scot	SCOT – Sandia Cyber Omni Tracker Ticketing System	`apiKey`	Yes	Link!	Free
TheHive	Security Incident Response Platform	`apiKey`	Yes	Link!	Free
Viper.li	Viper malware repository API	`apiKey`	Yes	Link!	OpenSource
VMRay	VMRay Sandbox	`apiKey`	Yes	Link!	?

SIEM

API	Description	Auth	HTTPS	Link	Free / Commercial
ArcSight	HP ArcSight API	`None`	`No`	Link!	Commercial
AlienVault	AlienVault API	`Yes`	`Yes`	Link!	Commercial
ELK	ELK Stack API	`None`	`No`	Link!	OpenSource
Gravwell	Gravwell API	`Yes`	`Yes`	Link!	Community / Commercial
Humio	Humio API	`Yes`	`Yes`	Link!	Community / Commercial
QRadar	IBM QRadar API	`None`	`No`	Link!	Commercial
Splunk	Splunk API	`None`	`No`	Link!	Commercial

Various

API	Description	Auth	HTTPS	Link	Free / Commercial
Akamai	Akamai CDN	`apiKey`	Yes	Link!	Commercial
AlienVault Open Threat Exchange (OTX)	IP/domain/URL reputation	`apiKey`	Yes	Link!	?
Check Point APIs	Check Point APIs Homepage	`apiKey`	Yes	Link!	Commercial
Cisco ISE	ISE is an identity and access control policy platform	`apiKey`	Yes	Link!	?
Cisco PXGrid	Cisco Platform Exchange Grid	`apiKey`	Yes	Link!	?
Cisco Security APIs	Cisco Developer Page	“	?	Link!	?
Cisco Umbrella	Cisco Umbrella Enforcement API	`apiKey`	Yes	Link!	?
Cyphon	Open Source INcident Management tool	`apiKey`	Yes	Link!	?
F5 Bip IP	F5 application services products	`apiKey`	Yes	Link!	Commercial
Google Safe Browsing	Google Link/Domain Flagging	`apiKey`	Yes	Link!	?
Metacert	Metacert Link Flagging	`apiKey`	Yes	Link!	?
Netscaler	Citrix Netscaler application delivery controller	`apiKey`	Yes	Link!	Commercial
Windows Defender Advanced Threat Protection (Windows Defender ATP)	WDATP	`apiKey`	Yes	Link!	?
National Software Reference Library (NSRL)	–	`apiKey`	Yes	Link!	?
PaloAlto	PaloAlto FW API	`apiKey`	Yes	Link!	Commercial
RSA Secure ID	Metacert Link Flagging	`apiKey`	Yes	Link!	?
ServiceNow	ServiceNow API	`apiKey`	Yes	Link!	Commercial
Web Of Trust (WOT)	Website reputation	`apiKey`	Yes	Link!	?
Yandex Safe Browsing	Yandex Link/Domain Flagging	`apiKey`	Yes	Link!	?

Source : https://github.com/jaegeral/security-apis

Tags: TOOL, SOC, EMAIL, SIEM, WINDOWS, DNS, CVE