API Documentation



How to Use the Ransomware.live API for Comprehensive Intel Retrieval

Introduction

The Ransomware.live API provides a robust interface to access data on ransomware activities, including recent posts, ransomware groups, cyberattacks, and more. Below, you’ll find instructions on how to use the API to access various types of intel, complete with endpoint details and example requests.

Prerequisites

Base URL

https://api.ransomware.live/v2

Victim Data Fields

Base URL

https://www.ransomware.live/v2

Endpoints

Get API Information

GET /info

curl -X GET "https://api.ransomware.live/v2/info" -H "Accept: application/json"

Retrieve Recent Victims

GET /recentvictims

curl -X GET "https://api.ransomware.live/v2/recentvictims" -H "Accept: application/json"

Retrieve Specific Ransomware Group

GET /group/<group_name>

curl -X GET "https://api.ransomware.live/v2/group/conti" -H "Accept: application/json"

Retrieve All Groups

GET /groups

curl -X GET "https://api.ransomware.live/v2/groups" -H "Accept: application/json"

Retrieve All Cyberattacks

GET /allcyberattacks

curl -X GET "https://api.ransomware.live/v2/allcyberattacks" -H "Accept: application/json"

Retrieve Victims by Group

GET /groupvictims/<group_name>

curl -X GET "https://api.ransomware.live/v2/groupvictims/revil" -H "Accept: application/json"

Search Victims

GET /searchvictims/<keyword>

curl -X GET "https://api.ransomware.live/v2/searchvictims/bank" -H "Accept: application/json"

Retrieve Cyberattacks by Country

GET /countrycyberattacks/<country_code>

curl -X GET "https://api.ransomware.live/v2/countrycyberattacks/FR" -H "Accept: application/json"

Retrieve Victims by Country

GET /countryvictims/<country_code>

curl -X GET "https://api.ransomware.live/v2/countryvictims/US" -H "Accept: application/json"

Retrieve Victims by Year/Month

GET /victims/<year> or /victims/<year>/<month>

curl -X GET "https://api.ransomware.live/v2/victims/2024/01" -H "Accept: application/json"

Retrieve Victims by Sector

GET /sectorvictims/<sector> or /sectorvictims/<sector>/<countrycode>

curl -X GET "https://api.ransomware.live/v2/sectorvictims/healthcare" -H "Accept: application/json"

Retrieve CERTs by Country

GET /certs/<country_code>

curl -X GET "https://api.ransomware.live/v2/certs/DE" -H "Accept: application/json"

Error Handling

The API returns standard HTTP status codes:

Contact

For issues, please contact the maintainer or visit Ransomware.live.

Conclusion

Using the Ransomware.live API, you can gain access to critical ransomware intelligence quickly and efficiently. Ensure to handle your API requests responsibly, respecting rate limits and properly securing any sensitive data. For more information, refer to the official API documentation.