Awesome Security APIs

A collective awesome list of public (JSON) APIs for use in security.
The list is supported by https://alexanderjaeger.de
Learn about REST: https://github.com/marmelab/awesome-rest

Sample API used by hendryadrian.com >> https://www.hendryadrian.com/ransom/all.php

APIDescriptionAuthHTTPSLinkFree / Commercial
AlexaAlexa Top SitesapiKeyYesLink!?
ANY.RUNInteractive malware analysis service.apiKeyYesLink!Both, API commercial only
BinaryEdge.ioSearch Engine for internet connected devices and Honeypot NetworkapiKeyYesLink!Free/Commercial
CriminalIP.ioSearch Engine for internet connected devicesapiKeyYesLink!Free/Commercial
Bluecoat Site ReviewURL AnalysisnoneYesLink!Free
bgpmon.netBgp monitoring?YesLink!?
caprivacy.github.ioCalifornia Privacy DirectoryNoneYesLink!?
censys.ioFree for Researchers Threat IntelapiKeyYesLink!?
CIRCL CVE SearchCVE SearchnoneYesLink!Free
CIRCL hashlookupFile hash lookupnoneYesLink!Free
CIRCL Passive SSHPassive SSHApiKeyYesLink!Free for security teams
CloidsploitVuln ScannerapiKeyYesLink!Free
CrowdStrike APITIapiKeyYesLink!NO
CVEAPIAPI for CVE datanoneYesLink!Free
Cymon.ioOpen Threat IntelapiKeyYesLink!?
CybergreenHow clean is a networkapiKeyYesLink!?
CyCAT.orgThe Cybersecurity Resource Catalogue public API services.noneYesLink!Free – OpenAPI
DomaintoolsCommercial Threat IntelapiKeyYesLink!Commercial
Dragos WorldViewICS Threat IntelligenceapiKeyYesLink!Commercial
DShieldInternet Storm Center APIapiKeyYesLink!Free
EmailRepFree API to query email reputation and report malicious sendersnoneYesLink!Free
emergingthreats.netDomain / IP intelligence and reputationapiKeyYesLink!?
Farsight DNSDB Passive DNSPassive DNS and moreapiKeyYesLink!?
Fireeye iSightCommercial Threat IntelapiKeyYesLink!Commercial
FIRST.orgIncident Response Teams APInoneYesLink!?
Flashpoint IntelThreat IntelapiKeyYesLink!?
FlexeraVuln ManagementapiKeyYesLink!?
GreyNoiseGreyNoise is a system that collects and analyzes data on Internet-wide scanners.apiKeyYesLink!Free/Commercial
HackerOneQuery HackerOne reportsapiKeyYesLink!?
have i been pwnedunofficial endpointsapiKeyYesLink!?
Hybrid AnalysisOnline SandboxnoneYesLink!Free
IP ASN History (D4 Project – CIRCL)IP and BGP intelligencenoneYesLink!Free
MAlshareMalware SharingapiKeyYesLink!?
Mac Vendor LookupThreat IntelapiKeyYesLink!?
MAC address APIThreat IntelapiKeyYesLink!Commercial
MalpediaCurated list of malwareapiKeyYesLink!Free
MalwareBazaarMalware Sharing ServiceapiKeyYesLink!Free (CCO)
MaxMindGeoIP and MoreapiKeyYesLink!?
Microsoft Security Response Center APIProgrammatic interfaces to engage with the Microsoft Security Response Center (MSRC)NoneYesLink!Free
MWDBThe MWDB system (also known as the “Malware Database”) is a repository for storing malware samples and information acquired during their analysisapiKeyYesLink!Free
NeutrinoAPIIP Blocklist APIapiKeyYesLink!?
OnypheSearch Engine for internet connected devicesapiKeyYesLink!Free/Commercial
ORKL.euSearch Engine for intel reportsapiKeyYesLink!Free (API rate limited)
Passive TotalThreat IntelapiKeyYesLink!?
PastebinapiKeyYesLink!?
Phishtank?YesLink!?
PulsediveFree threat intelligence platform ingesting over 50 OSINT feeds and user submissions.apiKeyYesLink!Both
Qualys SSLLabsTest SSL and moreapiKeyYesLink!?
SpamhausDomain / IP intelligence and reputation?YesLink!?
Shadowserver Sandbox APISandbox?YesLink!Free
Shadowserver Bintest APIThis server provides a lookup mechanism to test an executable file against a list of known software applications.?YesLink!Free
Shadowserver IP-BGP APIMapping IP numbers to BGP prefixes and ASNs?YesLink!Free
Shodan.ioSearch Engine for internet connected devicesapiKeyYesLink!Free/Commercial
StalkPhish.ioPhishing/brand impersonation detection feedapiKeyYesLink!Free/Commercial
Tenable??YesLink!?
Team CymruThreat IntelapiKeyYesLink!Both
ThreatConnectThreat Intel / SOC platformapiKeyYesLink!Commercial
URLhausabuse.ch APIapiKeyYesLink!Free
urlscan.ioOnline tool to scan URLsapiKeyYesLink!Free
ValhallaOnline repository of curated yara rulesapiKeyYesLink!Commercial
VirusTotalVirusTotal File/URL AnalysisapiKeyYesLink!?
vulnersvulners Vuln DatabaseapiKeyYesLink!?
whoisxmlapi.comWhois APIsapiKeyYesLink!Commercial
ZoomeyeSearch Engine for internet connected devicesapiKeyYesLink!Both

Tools

APIDescriptionAuthHTTPSLinkFree / Commercial
Carbon BlackEndpoint SecurityapiKeyYesLink!Commercial
CuckooCuckoo SandboxapiKeyYesLink!OpenSource
CRITSTI SystemapiKeyYesLink!?
CrowdStrike falcon-orchestratorOrchestratorapiKeyYesLink!yes
emlrenderEML file rendering toolpasswordYesLink!OpenSource
FireEyeEndpoint SecurityapiKeyYesLink!?
GRREndpoint Incident Response toolapiKeyYesLink!OpenSource
Kolide FleetosQuery fleet management?YesLink!OpenSource
LastlineLastline EnterpriseApiKeyYesLink!Commercial
logdissectCLI utility and Python API for analyzing log files and other data.?YesLink!OpenSource
MISPOpen Source Threat Intelligence PlatformapiKeyYesLink!OpenSource
MetadefenderMultiAVapiKeyYesLink!Commercial
MetasploitExploitingapiKeyYesLink!Commercial
MolochMoloch is an open source, large scale, full packet capturing, indexing, and database system.?YesLink!OpenSource
OTRSOpen Ticket Relay SystemapiKeyYesLink!?
PlasoPlaso Langar Að Safna ÖlluapiKeyYesLink!OpenSource
Recorded FutureThreat Intelligence PlatformapiKeyYesLink!?
Request TrackerTicketing SystemapiKeyYesLink! REST2?
ScotSCOT – Sandia Cyber Omni Tracker Ticketing SystemapiKeyYesLink!Free
TheHiveSecurity Incident Response PlatformapiKeyYesLink!Free
Viper.liViper malware repository APIapiKeyYesLink!OpenSource
VMRayVMRay SandboxapiKeyYesLink!?

SIEM

APIDescriptionAuthHTTPSLinkFree / Commercial
ArcSightHP ArcSight APINoneNoLink!Commercial
AlienVaultAlienVault APIYesYesLink!Commercial
ELKELK Stack APINoneNoLink!OpenSource
GravwellGravwell APIYesYesLink!Community / Commercial
HumioHumio APIYesYesLink!Community / Commercial
QRadarIBM QRadar APINoneNoLink!Commercial
SplunkSplunk APINoneNoLink!Commercial

Various

APIDescriptionAuthHTTPSLinkFree / Commercial
AkamaiAkamai CDNapiKeyYesLink!Commercial
AlienVault Open Threat Exchange (OTX)IP/domain/URL reputationapiKeyYesLink!?
Check Point APIsCheck Point APIs HomepageapiKeyYesLink!Commercial
Cisco ISEISE is an identity and access control policy platformapiKeyYesLink!?
Cisco PXGridCisco Platform Exchange GridapiKeyYesLink!?
Cisco Security APIsCisco Developer Page?Link!?
Cisco UmbrellaCisco Umbrella Enforcement APIapiKeyYesLink!?
CyphonOpen Source INcident Management toolapiKeyYesLink!?
F5 Bip IPF5 application services productsapiKeyYesLink!Commercial
Google Safe BrowsingGoogle Link/Domain FlaggingapiKeyYesLink!?
MetacertMetacert Link FlaggingapiKeyYesLink!?
NetscalerCitrix Netscaler application delivery controllerapiKeyYesLink!Commercial
Windows Defender Advanced Threat Protection (Windows Defender ATP)WDATPapiKeyYesLink!?
National Software Reference Library (NSRL)apiKeyYesLink!?
PaloAltoPaloAlto FW APIapiKeyYesLink!Commercial
RSA Secure IDMetacert Link FlaggingapiKeyYesLink!?
ServiceNowServiceNow APIapiKeyYesLink!Commercial
Web Of Trust (WOT)Website reputationapiKeyYesLink!?
Yandex Safe BrowsingYandex Link/Domain FlaggingapiKeyYesLink!?

Source : https://github.com/jaegeral/security-apis