Download OpenAPI specification:
API for querying PrecisionSec threat intelligence including malware samples, malicious URLs, domains, and IP addresses. Provides access to threat feeds and IOC (Indicator of Compromise) lookups.
To request an API key, please contact info@precisionsec.com.
Retrieve sample information by MD5 hash
| md5 required | string Example: a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6 MD5 hash of the sample |
{- "first_seen": 1633046400,
- "md5": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6",
- "sha256": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6",
- "tag": "ransomware",
- "magic": "PE32 executable for MS Windows",
- "campaign_id": "campaign123",
- "botnet_id": "botnet456",
- "distribution_urls": [
],
}Retrieve sample information by SHA256 hash
| sha256 required | string Example: a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6 SHA256 hash of the sample |
{- "first_seen": 1633046400,
- "md5": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6",
- "sha256": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6",
- "tag": "ransomware",
- "magic": "PE32 executable for MS Windows",
- "campaign_id": "campaign123",
- "botnet_id": "botnet456",
- "distribution_urls": [
],
}Retrieve information about a domain, including associated samples and resolutions
| domain required | string Example: malicious.example.com Domain name to lookup |
{- "domain": "malicious.example.com",
- "first_seen": 1633046400,
- "tag": "phishing",
- "communicating_samples": [
- {
- "detection_date": 1633046400,
- "md5": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6",
- "sha256": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6",
- "tag": "trojan"
}
], - "resolutions": [
- {
- "ip": "192.168.1.1",
- "last_seen": 1633046400,
- "first_seen": 1632960000
}
]
}Retrieve information about an IPv4 address, including associated samples, passive DNS, and detected URLs
| ip required | string Example: 192.168.1.1 IPv4 address to lookup |
{- "ip": "192.168.1.1",
- "first_seen": 1633046400,
- "tag": "c2",
- "confidence": "high",
- "communicating_samples": [
- {
- "detection_date": 1633046400,
- "md5": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6",
- "sha256": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6",
- "tag": "trojan"
}
], - "passive_dns": [
- {
- "last_seen": 1633046400,
- "first_seen": 1632960000,
- "domain": "malicious.example.com"
}
], - "detected_urls": [
]
}Check if a list of IPv4 addresses exist in the database
[- "192.168.1.1"
]{- "results": {
- "192.168.1.1": 1,
- "192.168.1.2": 0
}
}Get all Indicators of Compromise (IOCs) associated with a specific tag
| tag required | string Example: ransomware Tag to lookup |
{- "ips": [
- "192.168.1.1"
], - "domains": [
- "malicious.example.com"
], - "samples": [
- {
- "md5": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6",
- "sha256": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6"
}
]
}