Security intelligence API for AI agents and developers. CVE lookup with EPSS/KEV enrichment, domain reconnaissance, IP reputation (GreyNoise, AbuseIPDB, Shodan), technology fingerprinting, threat intelligence, and code security verification. 20 tools, free, no signup required.
Live: api.contrastcyber.com | MCP: https://mcp.contrastcyber.com/mcp | Scanner: contrastcyber.com
- One call, full picture — domain report returns DNS + WHOIS + SSL + subdomains + WAF + IP reputation in a single response
- CVE intelligence — 340K+ CVEs enriched with EPSS exploit probability and CISA KEV status
- IP reputation — GreyNoise, AbuseIPDB, Shodan enrichment with 4-hour cache
- Tech fingerprinting — detect CMS, frameworks, CDN, analytics from headers + HTML
- AI-native — MCP server, LLM-optimized summaries, structured JSON
- Free forever — 100 req/hr, no API key, no signup
# Domain intelligence
curl "https://api.contrastcyber.com/v1/domain/example.com"
# CVE lookup with EPSS + KEV
curl "https://api.contrastcyber.com/v1/cve/CVE-2024-3094"
# Search CVEs
curl "https://api.contrastcyber.com/v1/cves?product=apache&severity=critical"
# Check code for secrets
curl -X POST "https://api.contrastcyber.com/v1/check/secrets" \
-H "Content-Type: application/json" \
-d '{"code": "password = \"admin123\"", "language": "python"}'GET /v1/domain/{domain} Full domain report (DNS + WHOIS + SSL + subs + WAF + reputation)
GET /v1/dns/{domain} DNS records (A, AAAA, MX, NS, TXT, CNAME, SOA)
GET /v1/whois/{domain} WHOIS registration data
GET /v1/subdomains/{domain} Subdomain enumeration (DNS brute + CT logs)
GET /v1/certs/{domain} Certificate transparency logs
GET /v1/ip/{ip} IP intel + reputation (GreyNoise, AbuseIPDB, Shodan)
GET /v1/tech/{domain} Technology fingerprinting (CMS, frameworks, CDN, analytics)
GET /v1/threat/{domain} Threat intelligence (URLhaus malware URLs)
GET /v1/scan/headers/{domain} Live HTTP security header scan
GET /v1/cve/{cve_id} CVE details + EPSS + KEV
GET /v1/cves?product=&severity= Search CVEs
GET /v1/cves/recent?hours=24 Latest CVEs
GET /v1/cves/kev CISA exploited vulns
GET /v1/epss/{cve_id} Exploit probability
POST /v1/check/headers Validate HTTP security headers
POST /v1/check/secrets Detect hardcoded secrets
POST /v1/check/injection SQL/cmd injection patterns
POST /v1/check/dependencies Check packages for known CVEs
ContrastAPI is an MCP server. Add it to Claude, Cursor, or any MCP-compatible AI tool:
{
"mcpServers": {
"contrastapi": {
"url": "https://mcp.contrastcyber.com/mcp"
}
}
}20 security tools available — CVE lookup, domain recon, IP reputation, tech fingerprinting, code scanning — no integration code needed.
Or via Claude Code CLI:
claude mcp add --transport http contrastapi https://api.contrastcyber.com/mcp| Limit | Value |
|---|---|
| Per IP | 100 req/hr |
| No API key required |
| Source | Records | Update |
|---|---|---|
| NVD (NIST) | 340k+ CVEs | Every 2 hours |
| CISA KEV | 1,500+ exploited vulns | Every 2 hours |
| FIRST EPSS | 323k+ exploit scores | Every 2 hours |
- Swagger UI: https://api.contrastcyber.com/docs
- OpenAPI spec: https://api.contrastcyber.com/openapi.json
- LLM discovery: https://api.contrastcyber.com/llms.txt
git clone https://github.com/UPinar/contrastapi.git
cd contrastapi
python3 -m venv venv
venv/bin/pip install -r requirements.txt
cd app
../venv/bin/uvicorn main:app --host 127.0.0.1 --port 8002cd app && PYTHONPATH=. python -m pytest tests/ -v454 tests covering auth, rate limiting, validation, database operations, domain intelligence, CVE intelligence, code security, tech fingerprinting, IP reputation, and API routes.
- Runtime: Python 3.12, FastAPI, uvicorn
- Database: SQLite (WAL mode, 3 databases)
- DNS: dnspython
- HTTP: httpx
- MCP: mcp[fastmcp]
- RapidAPI: rapidapi.com/UPinar/api/contrastapi
- Product Hunt: Coming March 31, 2026
MIT