While working on different stuff I was searching for a collection of APIs that are related of useful for security researchers, incident response people or threat intel.
Unable to find a good list of REST APIs decided to start it. The collection is hosted on a Security API list, and pull requests or issues mentioning missing APIs are highly welcome.
Why did I produce such a list? More and more people want to automate their workflows, Security Orchestration is the new Buzzword after last years Threat Intelligence, but basically containing the same, they both have in common to facilitate already available data, with Orchestration not storing that much data but enriching dots collected.
However the challenge is, what to integrate, everyone has their „go to“ tools they use on a daily base risking to miss some golden nuggets that are handy.
The list is divided (at the moment) in tools that are mostly on prem., online tools, SIEMs and various. With an increasing number of APIs that ordering might change of course.
So I really hope the list is useful and people can use it and that it can grow.