Security APIs

Security and vulnerability data

38 APIs in this category
Showing 38 of 38 APIs

Application Environment Verification

Verify Android device integrity and detect rooted or unsafe environments

Auth: apiKey HTTPS CORS: Yes

BinaryEdge

Access BinaryEdge’s global scanning platform for threat intelligence data

Auth: apiKey HTTPS CORS: Yes

BitWarden

Open-source password manager API for secure credential management

Auth: OAuth HTTPS CORS: Unknown

Botd

Browser-based JavaScript bot detection library and API

Auth: apiKey HTTPS CORS: Yes

Bugcrowd

Manage and track bug bounty reports programmatically

Auth: apiKey HTTPS CORS: Unknown

Censys

Search and analyze Internet-connected hosts and devices

Auth: apiKey HTTPS CORS: No

Classify

Encrypt and decrypt text messages via API

Auth: No HTTPS CORS: Yes

Complete Criminal Checks

Retrieve offender data across all U.S. states and Puerto Rico

Auth: apiKey HTTPS CORS: Yes

CRXcavator

Assess and score Chrome extensions for security risks

Auth: apiKey HTTPS CORS: Unknown

Dehash.lt

Decrypt hashes including MD5, SHA1, SHA256, and SHA512

Auth: No HTTPS CORS: Unknown

EmailRep

Analyze email addresses for threat level and reputation scoring

Auth: No HTTPS CORS: Unknown

Escape

Escape text for safe use in different query formats

Auth: No HTTPS CORS: No

FilterLists

Comprehensive directory of filter lists for ad blockers and firewalls

Auth: No HTTPS CORS: Unknown

FingerprintJS Pro

Advanced browser fingerprinting and fraud detection API

Auth: apiKey HTTPS CORS: Yes

FraudLabs Pro

AI-based fraud detection and order verification API

Auth: apiKey HTTPS CORS: Unknown

FullHunt

Global database of exposed assets for attack surface management

Auth: apiKey HTTPS CORS: Unknown

GitGuardian

Scan code and repositories for exposed API keys and credentials

Auth: apiKey HTTPS CORS: No

GreyNoise

Analyze IPs observed scanning the internet and filter benign traffic

Auth: apiKey HTTPS CORS: Unknown

HackerOne

Interact with HackerOne’s bug bounty platform via API

Auth: apiKey HTTPS CORS: Unknown

Hashable

Perform cryptographic operations like hashing and encryption via REST API

Auth: No HTTPS CORS: Yes

Have I Been Pwned

Check if your passwords or emails have appeared in data breaches

Auth: apiKey HTTPS CORS: Unknown

Intelligence X

Perform OSINT searches through Intelligence X’s datasets

Auth: apiKey HTTPS CORS: Unknown

LoginRadius

Comprehensive managed user authentication and identity platform

Auth: apiKey HTTPS CORS: Yes

Microsoft Security Response Center (MSRC)

Engage with Microsoft’s security vulnerability reporting APIs

Auth: No HTTPS CORS: Unknown

Mozilla HTTP Scanner

Scan and analyze web server configurations using Mozilla Observatory

Auth: No HTTPS CORS: Unknown

Mozilla TLS Scanner

Audit TLS configurations with Mozilla Observatory tools

Auth: No HTTPS CORS: Unknown

National Vulnerability Database (NVD)

Access U.S. government vulnerability and CVE data feeds

Auth: No HTTPS CORS: Unknown

Passwordinator

Generate strong random passwords of varying complexity

Auth: No HTTPS CORS: Yes

PhishStats

Database of known phishing sites and campaigns

Auth: No HTTPS CORS: Unknown

Privacy.com

Generate merchant-specific virtual payment cards securely

Auth: apiKey HTTPS CORS: Unknown

Pulsedive

Collect and analyze real-time threat intelligence data

Auth: apiKey HTTPS CORS: Unknown

SecurityTrails

Query domain, IP, WHOIS, and DNS records for security research

Auth: apiKey HTTPS CORS: Unknown

Shodan

Search engine for discovering Internet-connected devices and vulnerabilities

Auth: apiKey HTTPS CORS: Unknown

Spyse

Access detailed internet asset data for security and attack surface analysis

Auth: apiKey HTTPS CORS: Unknown

Threat Jammer

Evaluate and score IPs and domains based on curated threat data

Auth: apiKey HTTPS CORS: Unknown

UK Police

Public data about crimes and policing in the United Kingdom

Auth: No HTTPS CORS: Unknown

Virushee

File and data scanning for malware and suspicious content

Auth: No HTTPS CORS: Yes

VulDB

Vulnerability intelligence API providing CVE data and risk context

Auth: apiKey HTTPS CORS: Unknown

Best Security APIs for Developers

A security API allows developers to integrate vulnerability scanning, threat intelligence, breach detection, SSL monitoring, and cybersecurity data into their applications. These APIs are essential for building secure software and security operations tooling.

CodeHelper's curated security API collection includes APIs covering CVE databases, threat feeds, SSL analysis, password breach detection, and network security scanning.

What to look for in a security API

  • Data freshness: Threat intelligence APIs must update continuously to reflect the latest vulnerabilities and indicators of compromise.
  • CVSS scoring: Vulnerability APIs should include CVSS v3 severity scores to help you prioritize remediation efforts.
  • False positive rate: Evaluate each API's false positive track record before integrating into automated security pipelines where incorrect blocks cause disruption.

How to use this API directory

  1. Browse the curated list of APIs below.
  2. Click any API to visit its documentation.
  3. Check the Auth column to understand what credentials you need.

Whether you are building a vulnerability scanner or a security operations dashboard, this free curated API directory saves you hours of research.

Related

toolBase64 Encoder/DecoderEncode and decode Base64 strings, files, images with data URL support. Upload files or paste text for instant conversion.toolJWT Decoder & ValidatorDecode, validate, and inspect JSON Web Tokens (JWT). Parse header, payload, verify signatures with HMAC algorithms, and check token expiration: all client-side.toolJWT GeneratorCreate and sign JSON Web Tokens with HMAC algorithms, standard claims, custom payloads, and client-side signing.