Documentation has moved to https://github.com/The-Shadowserver-Foundation/api_utils/wiki
API: Research
Our 145 Report Types
- API: ASN and Network Queries
- API: Documentation
- API: Malware Query
- API: Reports Query
- API: Research
- API: Scan/SSL
- API: Trusted Programs Query
- CRITICAL: Accessible ADB Report
- CRITICAL: Accessible Cisco Smart Install Report
- CRITICAL: Accessible Docker Service Report
- CRITICAL: Accessible ICS Report
- CRITICAL: Compromised Account Report
- CRITICAL: Compromised IoT Report
- CRITICAL: Compromised SSH Host Special Report
- CRITICAL: Compromised Website Report
- CRITICAL: Fortinet FortiManager CVE-2024-47575 Special Report
- CRITICAL: Honeypot Brute Force Events Report
- CRITICAL: Honeypot DDoS Events Report
- CRITICAL: Honeypot ICS Scanner Events Report
- CRITICAL: IcedID/Latrodectus Historical Bot Infections Special Report
- CRITICAL: Initial Access Broker Report
- CRITICAL: Malware URL Report
- CRITICAL: Microsoft Sinkhole Events Report
- CRITICAL: Microsoft Sinkhole HTTP Events Report
- CRITICAL: Netcore/Netis Router Vulnerability Scan Report
- CRITICAL: Rhadamanthys Historical Bot Infections Special Report
- CRITICAL: Sinkhole Events Report
- CRITICAL: Sinkhole HTTP Events Report
- CRITICAL: Sinkhole HTTP Referer Events Report
- CRITICAL: SocGholish Compromised WordPress Sites Special Report
- CRITICAL: StealC Historical Bot Infections Special Report
- CRITICAL: Synful Scan Report
- CRITICAL: SystemBC Historical Bot Infections Special Report
- CRITICAL: Vulnerable CUPS Special Report
- CRITICAL: Vulnerable Exchange Server Report
- CRITICAL: Vulnerable HTTP Report
- CRITICAL: Vulnerable Ivanti Connect Secure Special Report
- CRITICAL: Vulnerable SMTP Report
- CRITICAL: Vulnerable/Compromised Qlik Sense Special Report
- Exposed F5 iControl REST API Special Report
- HAFNIUM Exchange Victim Special Report
- HIGH: Accessible AFP Report
- HIGH: Accessible Apple Remote Desktop (ARD) Report
- HIGH: Accessible CouchDB Report
- HIGH: Accessible Erlang Port Mapper Daemon Report
- HIGH: Accessible Hadoop Report
- HIGH: Accessible Kubernetes API Server Report
- HIGH: Accessible MS-RDPEUDP
- HIGH: Accessible MS-RPC Service Report
- HIGH: Accessible MySQL Server Report
- HIGH: Accessible PostgreSQL Server Report
- HIGH: Accessible RDP Report
- HIGH: Accessible Radmin Report
- HIGH: Accessible SIP Report
- HIGH: Accessible SLP Service Report
- HIGH: Accessible SMB Report
- HIGH: Accessible VNC Report
- HIGH: Accessible XDMCP Service Report
- HIGH: Badsecrets Report
- HIGH: DDoS Participant Report
- HIGH: Darknet Events Report
- HIGH: Honeypot ADB Scanner Events Report
- HIGH: Honeypot HTTP Scanner Events Report
- HIGH: Honeypot IKEv2 Scanner Events Report
- HIGH: Honeypot RDP Scanner Events Report
- HIGH: Honeypot RocketMQ Scanner Events Report
- HIGH: Honeypot SMB Scanner Events Report
- HIGH: Loop DoS Report
- HIGH: Open BGP Service Report
- HIGH: Open BGP Service Report
- HIGH: Open DB2 Discovery Service Report
- HIGH: Open DVR DHCPDiscover Report
- HIGH: Open Elasticsearch Report
- HIGH: Open IPMI Report
- HIGH: Open IPP Report
- HIGH: Open LDAP Report
- HIGH: Open LDAP TCP Report
- HIGH: Open MS-SQL Server Resolution Service Report
- HIGH: Open Memcached Report
- HIGH: Open MongoDB Report
- HIGH: Open NAT-PMP Report
- HIGH: Open NetBIOS Report
- HIGH: Open Redis Report
- HIGH: Open SNMP Report
- HIGH: Open SSDP Report
- HIGH: Open Ubiquiti Report
- HIGH: Post-Exploitation Framework Report
- INFO: Accessible HTTP Report
- INFO: Accessible ISAKMP Report
- INFO: Accessible NTRIP Report
- INFO: Accessible QUIC Report
- INFO: Accessible SMTP Report
- INFO: Accessible SSH Report
- INFO: Accessible SSL Report
- INFO: Device Identification Report
- INFO: Honeypot DDoS Target Events Report
- INFO: Honeypot Amplification DDoS Events Report
- INFO: Ransomware Victim Report
- INFO: Sinkhole DNS Events Report
- INFO: Tycoon 2FA Domains Special Report
- LOW: Accessible GPRS Tunneling Protocol (GTP) Report
- LOW: Accessible HTTP Proxy Report
- LOW: Accessible IMAP Report
- LOW: Accessible POP3 Report
- LOW: Block List Report
- LOW: SSL FREAK Report
- LOW: SSL POODLE Report
- LOW: Spam URL Report
- LOW: Targeted Host Report
- MEDIUM: Accessible AMQP Report
- MEDIUM: Accessible ActiveMQ Service Report
- MEDIUM: Accessible CoAP Report
- MEDIUM: Accessible FTP Report
- MEDIUM: Accessible MSMQ Service Report
- MEDIUM: Accessible Rsync Report
- MEDIUM: Accessible SOCKS 4/5 Proxy Report
- MEDIUM: Accessible STUN Service Report
- MEDIUM: Accessible Telnet Report
- MEDIUM: Accessible WS-Discovery Service Report
- MEDIUM: DNS Open Resolvers Report
- MEDIUM: IP Spoofer Events Report
- MEDIUM: NTP Monitor Report
- MEDIUM: NTP Version Report
- MEDIUM: Open CWMP Report
- MEDIUM: Open CharGen Report
- MEDIUM: Open HTTP Proxy Report
- MEDIUM: Open IP-Tunnel Report
- MEDIUM: Open MQTT Report
- MEDIUM: Open Portmapper Report
- MEDIUM: Open QOTD Report
- MEDIUM: Open TFTP Report
- MEDIUM: Open mDNS Report
- MEDIUM: Vulnerable DDoS Middlebox Report
- MEDIUM: Vulnerable ISAKMP Report
- OPTIONAL: Sandbox Connection Report
- OPTIONAL: Sandbox IRC Report
- OPTIONAL: Sandbox URL Report
- Qakbot Historical Bot Infections Special Report
- Vulnerable Exchange Servers Special Report #1
- Vulnerable Exchange Servers Special Report #2
- Vulnerable Exchange Servers Special Report #3
- Vulnerable Exchange Servers Special Report #4
- Vulnerable Exchange Servers Special Report #5
- Vulnerable Fortinet Special Report
- Vulnerable Log4j Servers Special Report