VulnCheck's Initial Access Intelligence Rules API allows customers to download Suricata or Snort rules that detect remote exploitation of Initial Access vulnerabilities (Remote Code Execution vulnerabilities that typically do not require authentication).
VulnCheck offers API endpoints for quick and easy access to the Suricata and Snort rules. The following endpoints contain one rule on each line:
For example, to fetch the Suricata rules, call /v3/rules/initial-access/suricata as follows:
curl --request GET \
--url https://api.vulncheck.com/v3/rules/initial-access/suricata \
--header 'Accept: application/json' \
--header 'Authorization: Bearer insert_token_here'
package main
import (
"fmt"
"github.com/vulncheck-oss/sdk-go"
)
func main() {
client := sdk.Connect("https://api.vulncheck.com", "insert_token_here")
response, err := client.GetRule("suricata")
if err != nil {
panic(err)
}
fmt.Println(response)
}
import vulncheck_sdk
configuration = vulncheck_sdk.Configuration(host="https://api.vulncheck.com/v3")
configuration.api_key["Bearer"] = "insert_token_here"
with vulncheck_sdk.ApiClient(configuration) as api_client:
endpoints_client = vulncheck_sdk.EndpointsApi(api_client)
api_response = endpoints_client.rules_initial_access_type_get("suricata")
print(api_response)
vulncheck rule suricata