API Documentation

How to Use the Ransomware.live API for Comprehensive Intel Retrieval

Introduction

The Ransomware.live API provides a robust interface to access data on ransomware activities, including recent posts, ransomware groups, cyberattacks, and more. Below, you’ll find instructions on how to use the API to access various types of intel, complete with endpoint details and example requests.

Prerequisites

Basic knowledge of HTTP requests.
An API client or tool, such as curl, Postman, or a suitable programming library like requests for Python.

Base URL

The base URL for the API is:

https://api.ransomware.live/

Endpoints

1. Retrieve Recent Posts

Endpoint: /recentvictims

Description: Retrieves the 100 most recent posts related to ransomware victims.

Rate Limit: 1 request per minute.

curl -X GET "https://api.ransomware.live/recentvictims" -H "accept: application/json"

2. Retrieve All Ransomware Groups

Endpoint: /groups

Description: Fetches information about all known ransomware groups, including details on the tools and techniques they use.

curl -X GET "https://api.ransomware.live/groups" -H "accept: application/json"

3. Retrieve Specific Ransomware Group Details

Endpoint: /group/<group_name>

Description: Retrieves details for a specified ransomware group by name.

curl -X GET "https://api.ransomware.live/group/REvil" -H "accept: application/json"

4. Retrieve Ransomware Incidents by Date

Endpoint: /victims/<year> or /victims/<year>/<month>

Description: Fetches ransomware incidents based on the specified year and optional month.

curl -X GET "https://api.ransomware.live/victims/2023/06" -H "accept: application/json"

5. Retrieve All Cyberattacks

Endpoint: /allcyberattacks

Description: Fetches a comprehensive list of all known cyberattacks, sorted by date.

curl -X GET "https://api.ransomware.live/allcyberattacks" -H "accept: application/json"

6. Retrieve Cyberattacks by Country

Endpoint: /countryattacks/<country_code>

Description: Retrieves cyberattacks that have targeted a specific country, identified by its country code.

curl -X GET "https://api.ransomware.live/countryattacks/US" -H "accept: application/json"

7. Retrieve Recent Cyberattacks

Endpoint: /recentcyberattacks

Description: Fetches the latest 100 cyberattack incidents.

curl -X GET "https://api.ransomware.live/recentcyberattacks" -H "accept: application/json"

Error Handling

The API provides detailed error messages:

404 Not Found: The requested resource doesn’t exist.
429 Too Many Requests: You’ve exceeded the rate limit.
500 Internal Server Error: There was an issue on the server side.

Conclusion

Using the Ransomware.live API, you can gain access to critical ransomware intelligence quickly and efficiently. Ensure to handle your API requests responsibly, respecting rate limits and properly securing any sensitive data. For more information, refer to the official API documentation.