Getting Started & Samples

In this section, you'll find sample links to get you started with the API and get and idea for how it works.

Table of Contents #

Getting started #

The Silobreaker API is straightforward and to a large extent mirrors the functionality of the Silobreaker UI.

A good way to get familiar with the API is to start out with the sample links below to get an understanding of the nature of a call. You can also inspect the Silobreaker UI and how it utilizes the API for various operations using the developer tools in most browsers. By capturing the queries to the API made by the UI you have a very good way of finding the API call that does exactly what you are looking for.

For more in-depth information on searching and entity types, refer to Query Syntax & Entity Types.

Once you're acquainted with the nature of the API, and how to craft calls that return the data you want - move on to our code samples for authentication below and read the authentication section.

Sample links #

Below are some sample api calls that shows some of the features of the API.

These links require you to be signed on to your Silobreaker account in your browser. Note that any use of the API except for in-browser testing purposes requires a valid API license and API key.

Please note that some of the links below requires certain Silobreaker lists like "Malware1" and "IOCs" to exist. If they are not available in your account, contact your Silobreaker representative to get them added.

More samples can be found in the Query Syntax & Entity Types section.

Latest documents about the Mirai Trojan/Botnet (as XML):
https://api.silobreaker.com/documents/?q=Malware:Mirai+Trojan

Latest documents mentioning conficker (as JSON):
https://api.silobreaker.com/documents/?q=conficker&format=json

Threat actors related to APT29 (as CSV):
https://api.silobreaker.com/v1/infocus/?q=Threatactor:APT29&entitytypes=threatactor&format=csv

Latest documents mentioning entities on the Malware1 list:
https://api.silobreaker.com/documents?q=list:Malware1

Latest pastes from Pastebin (requires Pastebin access):
https://api.silobreaker.com/documents?q=provider:Pastebin?format=json

Most reported IPv4 addresses in Pastebin pastes:
https://api.silobreaker.com/v1/infocus?q=provider:Pastebin&type=json&entitytypes=IPv4

Hash codes reported from publications on the IOC publication list:
https://api.silobreaker.com/v1/infocus/?q=list:IOCs&entitytypes=HASH

Trending attack types:
https://api.silobreaker.com/entities/heat?tq=list:Attack%20Types&type=json

IPv4 details on a specific hash:
https://api.silobreaker.com/v1/InFocus?q=2c89f125fb03cbfaff76b6690b3f9c3f&type=json&entitytypes=IPv4

Documents mentioning a specific hash:
https://api.silobreaker.com/search/documents?q=2c89f125fb03cbfaff76b6690b3f9c3f&type=json

Documents/leaks containing credit card Issuer Identification Numbers:
https://api.silobreaker.com/documents?q=entitytype:iin&type=json

Code samples #

Code samples in various languages.

Code samples for authenticating with Silobreaker API

CLI samples #

Samples for interacting with the Silobreaker API using CURL and a CLI.

These samples require you to have a valid API license and the appropriate role set for using the API externally.

Login with CURL and FormsAuthentication

To log in with curl, and create a cookie jar containing the authentication cookie, issue:

curl -c cookiejar -H "Content-Type: application/json" "https://api.silobreaker.com/v1/login/" --data "@LOGINCREDENTIALS"`

Where LOGINCREDENTIALS is a json file with your login credentials:

{
    "Username": "silobreaker_account_name",
    "Password": "silobreaker_password"
}

Searching for documents

Searching for documents, using the authentication cookiejar from Login. Result is pretty-printed to decent json using Python json.tool.

curl -s -b cookiejar "https://api.silobreaker.com/documents?q=stuxnet&type=json" | python -mjson.tool

In browser: https://api.silobreaker.com/documents?q=stuxnet&type=json

Trending Malware

curl -s -b cookiejar "https://api.silobreaker.com/entities/heat?tq=list:Malware1&type=json" | python -mjson.tool

In browser: https://api.silobreaker.com/entities/heat?tq=list:Malware1&type=json

To get the name of the top trending malware, parse the output using e.g. Node

curl -s -b cookiejar "https://api.silobreaker.com/entities/heat?tq=list:Malware1&type=json" | node -pe "JSON.parse(require('fs').readFileSync('/dev/stdin').toString()).Items[0].Description"^

Documentation generated by mdoc.