WebGuarder
ToolsAPI Docs
Free API — No Key Required

Developer API

Access 50+ security scanning tools via REST API. No signup, no API keys, no rate limits for reasonable use. Build security into your CI/CD pipeline, monitoring dashboards, or custom tools.

RESTful JSON API
No Authentication Required
Copy-Paste Code Snippets

Quick Start

bash
# Get a full security report for any domain
curl -X POST "https://webguarder.com/api/tools/domain-reputation" \
  -H "Content-Type: application/json" \
  -d '{"domain": "yoursite.com"}'
$0
WebGuarder API
$50/mo
SecurityTrails API
$49/mo
Shodan API
50+
Endpoints
POST

Domain Reputation

Intelligence

Get a 0-100 security reputation score with letter grade, risk assessment, and actionable recommendations.

/api/tools/domain-reputation
POST

Full Security Report

Intelligence

Comprehensive security analysis combining DNS, SSL, email auth, headers, and subdomain scanning in one call.

/api/tools/full-report
POST

Subdomain Finder

Reconnaissance

Discover subdomains using 10+ OSINT sources with IP resolution, HTTP probing, and cloud provider detection.

/api/tools/subdomain-finder
POST

Port Scan + CVEs

Reconnaissance

Scan common ports with service fingerprinting and automatic CVE correlation from NVD.

/api/tools/port-scan
POST

DNS Map

DNS

Visual infrastructure mapping — DNS records, IPs, nameservers, mail servers with geolocation and ASN data.

/api/tools/dns-map
POST

Email Security

Email

Verify SPF, DKIM, and DMARC configurations. Detect email spoofing vulnerabilities.

/api/tools/email-security-check
POST

SSL/TLS Deep Analysis

SSL

SSL Labs-style analysis: cipher suites, protocol versions, certificate chain, forward secrecy, HSTS.

/api/tools/ssl-deep-analysis
POST

IP Intelligence

Intelligence

Comprehensive IP analysis — geolocation, open ports, threat intel, blacklist checks, reverse DNS, ASN data.

/api/tools/ip-intel
POST

WHOIS Lookup

Intelligence

Domain registration details — registrar, dates, nameservers, DNSSEC status, and expiry warnings.

/api/tools/whois-lookup
POST

Tech Stack Detection

Reconnaissance

Identify web technologies, frameworks, CDNs, analytics, and server software used by any website.

/api/tools/tech-stack
POST

Cloud Exposure

Reconnaissance

Discover exposed cloud resources — S3 buckets, Azure Blob, GCP buckets, Firebase databases, Docker registries.

/api/tools/cloud-exposure
POST

CT Log Search

Intelligence

Search Certificate Transparency logs for all certificates issued for a domain. Discover subdomains and track issuance.

/api/tools/ct-logs
POST

WAF Detection

Reconnaissance

Identify Web Application Firewalls protecting a target — Cloudflare, AWS WAF, Akamai, and more.

/api/tools/waf-detect
POST

Secret Scanner

Vulnerability

Scan public HTML and JavaScript for exposed API keys, tokens, passwords, and secrets (25+ patterns).

/api/tools/secret-scan
POST

DNS History

DNS

Historical DNS records and certificate transparency timeline. Track infrastructure changes over time.

/api/tools/dns-history

Rate Limits & Usage

Free Tier
10 requests/minute per IP. No API key needed.
Response Format
All responses are JSON. Errors return {"detail": "..."}.
Caching
Results cached 15 minutes. Same domain scans return cached data.

Need higher limits? Create a free account for authenticated API access with higher rate limits and scan history.