Free API
ImmuniWeb Community Edition provides a free API for the Website Security Test. It shares the number of tests performed via web interface.
| Account type | Tests per day | Monthly subscription |
| No Account | 10 | Free |
| Free Account | 20 | Free |
Premium API
ImmuniWeb Community Edition also provides a premium API for a higher number of tests via API or web interface:
| Select package | Tests per day | Monthly subscription |
| 50 | $199 | |
| 500 | $1990 | |
| 1000 | $3980 | |
| 2500 | $7995 |
Total: $199
Get in touch for details.
Public schools, local governments and non-for-profit organizations may request a free access to the premium API.
API Documentation
API Specifications
| Field Name | Value |
| Protocol | HTTP/HTTPS |
| Request Type | POST |
| URL | https://www.immuniweb.com/websec/api/v1/chsec/[ustamp].html - where "ustamp" is an arbitrary UNIX time-stamp (must be an integer). Such construction is done to prevent caching on client side. |
POST Data Specification
| Field Name | Value |
| api_key | secret token which you submit alongside with the request |
| tested_url | the URL of the domain to be tested. |
| dnsr | "on" means that test results will be hidden, "off" means that test results will be displayed in statistics. |
| choosen_ip | IP address of tested server (if tested domain resolves to multiple addresses). |
| recheck | "false" will either use the results from the cache, or start a new test if the target has never been scanned. "true" will start a new test without checking the cache. Please note that you will also need to supply an API key to successfully make the request. |
| token | value of the token sent by the server if the tested domain is resolved into several IP addresses. |
Example of Transaction Using CURL
New test (not cached)
curl -d "tested_url=twitter.com&choosen_ip=any&dnsr=off&recheck=false" "https://www.immuniweb.com/websec/api/v1/chsec/1451425590.html"
{
"job_id": "2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc",
"status": "test_started",
"status_id": 1,
"message": "Test has started"
}
"job_id": "2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc",
"status": "test_started",
"status_id": 1,
"message": "Test has started"
}
curl -d "job_id=2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc" "https://www.immuniweb.com/websec/api/v1/get_result/1451425590.html"
{
"job_id": "2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc",
"status": "in_progress",
"status_id": 2,
"message": "Your test is in progress"
}
"job_id": "2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc",
"status": "in_progress",
"status_id": 2,
"message": "Your test is in progress"
}
New test (cached)
curl -d "tested_url=twitter.com&choosen_ip=any&dnsr=off&recheck=false" "https://www.immuniweb.com/websec/api/v1/chsec/1451425590.html"
{
"test_id": "c84936eef26eeb8aaef5ffc43f38ddb91adfd90ac27fb416bd0b21fe2edb1004",
"status": "test_cached",
"status_id": 3,
"message": "Test is cached"
}
"test_id": "c84936eef26eeb8aaef5ffc43f38ddb91adfd90ac27fb416bd0b21fe2edb1004",
"status": "test_cached",
"status_id": 3,
"message": "Test is cached"
}
curl -d "id=c84936eef26eeb8aaef5ffc43f38ddb91adfd90ac27fb416bd0b21fe2edb1004" "https://www.immuniweb.com/websec/api/v1/get_result/1451425590.html"
{ ... }
Example with error
curl -d "tested_url=0.0.0.0&choosen_ip=any&dnsr=off&recheck=false" "https://www.immuniweb.com/websec/api/v1/chsec/1451425590.html"
{
"error": "Domain name 0.0.0.0 was resolved in an invalid IP address",
"error_name": "invalid_ip_resolved",
"error_id": 16
}
"error": "Domain name 0.0.0.0 was resolved in an invalid IP address",
"error_name": "invalid_ip_resolved",
"error_id": 16
}
Download PDF
curl -d "api_key=your_api_key""https://www.immuniweb.com/websec/gen_pdf/test_id/" > report.pdf