Skip to content

UPinar/contrastapi

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.github/workflows
.github/workflows
 
 
app
app
 
 
deploy
deploy
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
glama.json
glama.json
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

ContrastAPI

Security intelligence API for AI models and developers. CVE lookup, domain reconnaissance, and code security verification. Structured JSON with LLM-optimized summaries.

Live: https://api.contrastcyber.com

Endpoints

Domain Intelligence

GET /v1/domain/{domain}        Full domain report
GET /v1/dns/{domain}           DNS records
GET /v1/whois/{domain}         WHOIS lookup
GET /v1/subdomains/{domain}    Subdomain enumeration
GET /v1/certs/{domain}         CT log certificates
GET /v1/ip/{ip}                Reverse DNS

CVE Intelligence

GET /v1/cve/{cve_id}           CVE details + EPSS + KEV
GET /v1/cves?product=&severity= Search CVEs
GET /v1/cves/recent?hours=24   Latest CVEs
GET /v1/cves/kev               CISA exploited vulns
GET /v1/epss/{cve_id}          Exploit probability

Code Security

POST /v1/check/headers         Validate HTTP security headers
POST /v1/check/secrets         Detect hardcoded secrets
POST /v1/check/injection       SQL/cmd injection patterns
POST /v1/check/dependencies    Check packages for known CVEs

Quick Start

curl https://api.contrastcyber.com/v1/domain/example.com
{
  "domain": "example.com",
  "summary": "example.com resolves to 93.184.216.34. SSL by DigiCert. No WAF. 3 subdomains.",
  "dns": { "a": ["93.184.216.34"], "ns": ["a.iana-servers.net"] },
  "whois": { "registrar": "RESERVED-Internet Assigned Numbers Authority" },
  "ssl": { "issuer": "DigiCert", "not_after": "Mar 01 2025" },
  "subdomains": { "count": 3, "subdomains": ["www.example.com"] },
  "waf": { "waf_present": false }
}

Authentication

Tier Rate Limit Auth
Free 100 req/hr No key needed
Pro 1,000 req/hr Authorization: Bearer cc_xxx

Pro keys available at api.contrastcyber.com -- $9/month.

Docs

Data Sources

Source Records Update
NVD (NIST) 340k+ CVEs Every 2 hours
CISA KEV 1,500+ exploited vulns Every 2 hours
FIRST EPSS 323k+ exploit scores Every 2 hours

Self-Hosting

git clone https://github.com/UPinar/contrastapi.git
cd contrastapi
python3 -m venv venv
venv/bin/pip install -r requirements.txt
cd app
../venv/bin/uvicorn main:app --host 127.0.0.1 --port 8002

Tests

cd app
python -m pytest tests/ -v

270 tests covering auth, rate limiting, validation, database operations, domain intelligence, CVE intelligence, code security, and API routes.

Stack

  • Runtime: Python 3.12, FastAPI, uvicorn
  • Database: SQLite (WAL mode, 3 databases)
  • DNS: dnspython
  • HTTP: httpx

License

MIT

About

Security intelligence API for AI models — CVE lookup, domain recon, code security checks. MCP server included.

api.contrastcyber.com/

Topics

mcp cybersecurity cve security-api fastapi ai-tools mcp-server

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 2

v1.3.0 — Threat Intel, Live Scan, Metrics Latest
Mar 26, 2026
+ 1 release

Packages

 
 
 

Contributors

Languages