As the world's leading cyber threat service, we provide API & Webhook solutions to our customers. If you need to customize your notifications or process data for your own projects, we will proud of being a part of your excellent jobs.

You can use our API & Webhook for lots of purposes:

• Send notifications to your customers directly
• Use with different channels like SMS, WhatsApp, Slack, etc.
• Include our data sources to your own projects
• Use for your products, tools and scanners
• Search last threats in our database detailed
• Collect data and store actual cyber threats

What is the Difference Between API and Webhook?

API is a page that prints the output of our database records. You can filter your queries and search our database.

Webhook is an automated communication mechanism, our bots will send a POST request to your server when a new cyber threat detected. So, you can process the data however you want.

You need to check our API regularly to learn the last threats, but if you use Webhook solution, our system automatically will send you last threats.

How to Use API?

We have 4 parameters for API and it will generate a JSON output when you entered parameters.

?api_key is required and other parameters are optional. You can find your API key in the dashboard by following "Edit Profile > API & Webhook" tab.

API Examples

• It prints last detected 300 threats in products of your account when you just use ?api_key parameter without others.
https://api.vullnerability.com/?api_key=iuy414bxw29e38kz4khpxg3vr0os3ml9f6jd

Output:

{"records":109,"threats":[{"threat_id":"3237","product":"VMWare","cve":"CVE-2020-3948","source":"ZeroDayInitiative","date":"2020-03-13 18:32:12 (UTC)","advisory":"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-20-299"},{"threat_id":"3116","product":"webmail","cve":"CVE-2020-8865","source":"PacketStorm","date":"2020-03-12 20:27:06 (UTC)","advisory":"https:\/\/packetstormsecurity.com\/files\/156699\/Horde-Groupware-Webmail-Edition-5.2.22-PHP-File-Inclusion.html"},{"threat_id":"2698","product":"WordPress","cve":"CVE-2020-9371","source":"Exploit-DB","date":"2020-03-12 06:26:13 (UTC)","advisory":"https:\/\/www.exploit-db.com\/exploits\/48204"} ...
• It prints last detected 300 threats in custom products of your account when you use &product parameter.
https://api.vullnerability.com/?api_key=iuy414bxw29e38kz4khpxg3vr0os3ml9f6jd&product=wordpress

Output:

{"records":41,"threats":[{"threat_id":"3396","product":"WordPress","cve":"CVE-2020-10564","source":"NVD\/NIST","date":"2020-03-13 23:18:07 (UTC)","advisory":"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-10564"},{"threat_id":"2750","product":"WordPress","cve":"NO-CVE","source":"0day.today","date":"2020-03-12 10:09:06 (UTC)","advisory":"http:\/\/0day.today\/exploits\/34083"},{"threat_id":"2698","product":"WordPress","cve":"CVE-2020-9371","source":"Exploit-DB","date":"2020-03-12 06:26:13 (UTC)","advisory":"https:\/\/www.exploit-db.com\/exploits\/48204"} ...
• It prints last detected 300 threats in our database when you use &list parameter. This parameter list all records, not only for your account. So, you can see all the threats in our database whenever you want.
https://api.vullnerability.com/?api_key=iuy414bxw29e38kz4khpxg3vr0os3ml9f6jd&product=windows&list=all

Output:

{"records":59,"threats":[{"threat_id":"3629","product":"windows","cve":"CVE-2020-9290","source":"NVD\/NIST","date":"2020-03-15 22:19:04 (UTC)","advisory":"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-9290"},{"threat_id":"3590","product":"Windows","cve":" CVE-2020-0796 ","source":"CXSecurity","date":"2020-03-15 16:18:11 (UTC)","advisory":"https:\/\/cxsecurity.com\/issue\/WLB-2020030071"},{"threat_id":"3544","product":"windows","cve":"CVE-2020-0796","source":"PacketStorm","date":"2020-03-15 14:01:47 (UTC)","advisory":"https:\/\/packetstormsecurity.com\/files\/156731\/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html"} ...
You can use &list parameter without &product parameter. So, it will list threats of all products, not custom one only.
You can use &list parameter as &list=all value only. If you change 'all' value, this parameter will not work.
• It prints just a part of records when you use &limit parameter. So you can process the data easier and quicker.
https://api.vullnerability.com/?api_key=iuy414bxw29e38kz4khpxg3vr0os3ml9f6jd&product=windows&list=all&limit=2

Output:

{"records":2,"threats":[{"threat_id":"3629","product":"windows","cve":"CVE-2020-9290","source":"NVD\/NIST","date":"2020-03-15 22:19:04 (UTC)","advisory":"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-9290"},{"threat_id":"3590","product":"Windows","cve":" CVE-2020-0796 ","source":"CXSecurity","date":"2020-03-15 16:18:11 (UTC)","advisory":"https:\/\/cxsecurity.com\/issue\/WLB-2020030071"}]}
This parameter's default value is 300 and you can enter a numeric value between 1-300 only.

How to Use Webhook?

You can configure Webhook in dashboard while adding your products or following by "My Products" tab.

If you select "Customizable Notification & API" option as your alert channel, you can see your API key and an option to enable Webhook feature. After you enabled Webhook, you need to enter your website where we will post the data to.

Meanwhile, you have to verify that its really your website. So, click the Click and Download text. It will generate a randomly named HTML file for you and you need to upload this file to your website's root directory directly. So, our systems will check this URL and validate this website if you correctly uploaded file. Don't change filename and upload to root directory directly:

• Don't delete this verification file while you are using Webhook feature. Otherwise, you will miss threat alerts.
• Your URL cannot include special characters. URL-encoding is allowed.

If everything is okay, you will get a POST request for each threat alert. Example request:

X-Security-Code is an unique code for your account. You can validate requests according to X-Security-Code header value and source IP address.

Last edited:  Mar 30, 2020