apiclient.xyz/abuse.ch
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
26 Commits 1 Branch 13 Tags
main
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Juergen Kunz 668ce7d612 v2.0.1
2025-11-22 17:27:31 +00:00
.gitea/workflows
fix(core): update
2023-07-28 06:00:09 +02:00
.vscode
fix(core): update
2023-07-28 06:00:09 +02:00
test
BREAKING CHANGE(UrlHaus): Rename UrlHouse to UrlHaus (public API change), migrate dev dependencies to @git.zone, bump runtime deps, adjust TS module resolution, and update tests/docs.
2025-11-22 17:07:12 +00:00
ts
fix(package.json): Pin pnpm packageManager in package.json and remove stale analysis.md
2025-11-22 17:27:31 +00:00
.gitignore
fix(core): update
2023-07-28 06:00:09 +02:00
changelog.md
fix(package.json): Pin pnpm packageManager in package.json and remove stale analysis.md
2025-11-22 17:27:31 +00:00
checkmanually.md
BREAKING CHANGE(UrlHaus): Rename UrlHouse to UrlHaus (public API change), migrate dev dependencies to @git.zone, bump runtime deps, adjust TS module resolution, and update tests/docs.
2025-11-22 17:07:12 +00:00
npmextra.json
fix(core): update
2023-07-28 06:00:09 +02:00
package.json
v2.0.1
2025-11-22 17:27:31 +00:00
pnpm-lock.yaml
BREAKING CHANGE(UrlHaus): Rename UrlHouse to UrlHaus (public API change), migrate dev dependencies to @git.zone, bump runtime deps, adjust TS module resolution, and update tests/docs.
2025-11-22 17:07:12 +00:00
readme.hints.md
BREAKING CHANGE(UrlHaus): Rename UrlHouse to UrlHaus (public API change), migrate dev dependencies to @git.zone, bump runtime deps, adjust TS module resolution, and update tests/docs.
2025-11-22 17:07:12 +00:00
readme.md
BREAKING CHANGE(UrlHaus): Rename UrlHouse to UrlHaus (public API change), migrate dev dependencies to @git.zone, bump runtime deps, adjust TS module resolution, and update tests/docs.
2025-11-22 17:07:12 +00:00
tsconfig.json
BREAKING CHANGE(UrlHaus): Rename UrlHouse to UrlHaus (public API change), migrate dev dependencies to @git.zone, bump runtime deps, adjust TS module resolution, and update tests/docs.
2025-11-22 17:07:12 +00:00

readme.md

@apiclient.xyz/abuse.ch

🛡️ Unofficial TypeScript/JavaScript client for retrieving threat intelligence data from abuse.ch

Access real-time malware URLs, malicious indicators of compromise (IOCs), and botnet C&C servers through a clean, type-safe API.

Issue Reporting and Security

For reporting bugs, issues, or security vulnerabilities, please visit community.foss.global/. This is the central community hub for all issue reporting. Developers who sign and comply with our contribution agreement and go through identification can also get a code.foss.global/ account to submit Pull Requests directly.

What is abuse.ch?

abuse.ch is a community-driven platform operated by a Swiss security researcher that tracks and shares threat intelligence data. This module provides programmatic access to three key abuse.ch services:

  • URLhaus - Malware URL distribution database
  • ThreatFox - Indicators of Compromise (IOC) sharing platform
  • FeodoTracker - Botnet C&C server tracker

Installation

npm install @apiclient.xyz/abuse.ch
# or
pnpm install @apiclient.xyz/abuse.ch

Usage

URLhaus - Retrieve Malicious URLs

import { UrlHaus } from '@apiclient.xyz/abuse.ch';

const urlHaus = new UrlHaus();
const maliciousUrls = await urlHaus.getData();

console.log(maliciousUrls[0]);
// {
//   ID: '12345',
//   Dateadded: '2025-01-15 10:30:00',
//   URL: 'http://malicious-example.com/malware.exe',
//   URLStatus: 'online',
//   Threat: 'malware_download',
//   AssociatedTags: 'emotet',
//   UrlHausLink: 'https://urlhaus.abuse.ch/url/12345/',
//   Reporter: 'abuse_ch'
// }

ThreatFox - Access IOC Data

import { ThreatFox } from '@apiclient.xyz/abuse.ch';

const threatFox = new ThreatFox();
const iocs = await threatFox.getData();

console.log(iocs[0]);
// {
//   ID: '67890',
//   Dateadded: '2025-01-15 11:45:00',
//   URL: 'http://c2-server.example.com',
//   URLStatus: 'online',
//   Threat: 'botnet_cc',
//   AssociatedTags: 'mirai',
//   ThreatFoxLink: 'https://threatfox.abuse.ch/ioc/67890/',
//   Reporter: 'researcher_name'
// }

FeodoTracker - Track Botnet C&C Servers

import { FeodoTracker } from '@apiclient.xyz/abuse.ch';

const feodoTracker = new FeodoTracker();
const c2servers = await feodoTracker.getData();

console.log(c2servers[0]);
// {
//   ip_address: '192.0.2.100',
//   port: 8080,
//   status: 'online',
//   hostname: 'malicious.example.com',
//   as_number: 12345,
//   as_name: 'EXAMPLE-AS',
//   country: 'US',
//   first_seen: '2025-01-10',
//   last_online: '2025-01-15',
//   malware: 'Emotet'
// }

TypeScript Support

This module is written in TypeScript and provides full type definitions out of the box. All data structures are properly typed for maximum developer productivity and type safety.

import type {
  IUrlHausData,
  IThreatFoxData,
  IFeodoTrackerData
} from '@apiclient.xyz/abuse.ch';

Proxy Support

The client automatically detects and uses proxy settings from your environment variables (HTTP_PROXY, HTTPS_PROXY) when making requests to abuse.ch APIs.

Features

Type-safe - Full TypeScript support with comprehensive interfaces Modern - Uses ES modules and async/await patterns Lightweight - Minimal dependencies, focused functionality Proxy-aware - Automatic proxy detection and configuration Reliable - Fetches data directly from official abuse.ch sources

API Rate Limits

Please be respectful of abuse.ch's resources. The service is provided free of charge by the security community. Avoid excessive polling and cache results when possible.

Links

License and Legal Information

This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the license file within this repository.

Please note: The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.

Trademarks

This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.

Company Information

Task Venture Capital GmbH Registered at District court Bremen HRB 35230 HB, Germany

For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.

By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 244 KiB
Languages
TypeScript 100%