@clawhub-krishnakumarmahadevan-cmd-f85de8e757
Identifies and fills compliance control gaps across security frameworks like ISO 27001, NIST, and SOC 2.
---
name: Compliance Gap Filler
description: Identifies and fills compliance control gaps across security frameworks like ISO 27001, NIST, and SOC 2.
---
# Overview
Compliance Gap Filler is a specialized API designed for security teams and compliance officers who need to identify missing controls and receive intelligent recommendations for remediation. It analyzes your current compliance posture against industry-standard frameworks and generates actionable gap-filling strategies.
This tool bridges the gap between compliance assessments and implementation by providing framework-specific guidance. Whether you're working with ISO 27001, NIST CSF, SOC 2, or other major frameworks, the API automatically maps your missing controls and suggests remediation pathways aligned with your chosen framework's requirements.
Ideal users include security architects, compliance managers, internal audit teams, managed security service providers (MSSPs), and organizations undergoing certification audits or regulatory assessments.
## Usage
### Sample Request
```json
{
"framework": "ISO 27001",
"missing_controls": [
"A.8.1.1 - User Registration and De-registration",
"A.9.2.1 - User Access Management",
"A.12.4.1 - Event Logging"
]
}
```
### Sample Response
```json
{
"framework": "ISO 27001",
"gap_analysis": [
{
"control": "A.8.1.1 - User Registration and De-registration",
"severity": "high",
"recommendation": "Implement a formal user access request and approval workflow with documented evidence of user on/off-boarding",
"estimated_effort": "medium",
"reference_standards": ["ISO 27001:2022"]
},
{
"control": "A.9.2.1 - User Access Management",
"severity": "critical",
"recommendation": "Establish role-based access control (RBAC) with quarterly access reviews and segregation of duties",
"estimated_effort": "high",
"reference_standards": ["ISO 27001:2022", "NIST SP 800-53"]
},
{
"control": "A.12.4.1 - Event Logging",
"severity": "high",
"recommendation": "Deploy centralized logging solution with minimum 90-day retention and real-time alerting for security events",
"estimated_effort": "medium",
"reference_standards": ["ISO 27001:2022", "SOC 2"]
}
],
"summary": {
"total_gaps": 3,
"critical_count": 1,
"high_count": 2,
"medium_count": 0,
"implementation_priority": "address critical gaps within 30 days"
}
}
```
## Endpoints
### POST /fill-compliance-gaps
**Description:** Analyzes missing controls within a specified compliance framework and returns gap analysis with remediation recommendations.
**Method:** `POST`
**Path:** `/fill-compliance-gaps`
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `framework` | string | Yes | The compliance framework to analyze against (e.g., "ISO 27001", "NIST CSF", "SOC 2", "PCI-DSS", "HIPAA") |
| `missing_controls` | array | Yes | List of control identifiers or descriptions that are currently missing from your implementation |
**Request Body Schema:**
```json
{
"framework": "string",
"missing_controls": ["string"]
}
```
**Response (200 OK):**
Returns a gap analysis object containing framework-specific remediation guidance for each missing control, severity levels, implementation effort estimates, and cross-reference standards.
**Response (422 Validation Error):**
```json
{
"detail": [
{
"loc": ["body", "framework"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/compliance/gap-filler
- **API Docs:** https://api.mkkpro.com:8024/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Compliance Gap Filler",
"version": "0.1.0"
},
"paths": {
"/fill-compliance-gaps": {
"post": {
"summary": "Fill Gaps",
"operationId": "fill_gaps_fill_compliance_gaps_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/GapInput"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"GapInput": {
"properties": {
"framework": {
"type": "string",
"title": "Framework"
},
"missing_controls": {
"items": {},
"type": "array",
"title": "Missing Controls"
}
},
"type": "object",
"required": [
"framework",
"missing_controls"
],
"title": "GapInput"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Analyzes Kubernetes YAML manifests for security misconfigurations, best practices violations, and compliance risks.
---
name: Kubernetes Security Review
description: Analyzes Kubernetes YAML manifests for security misconfigurations, best practices violations, and compliance risks.
---
# Overview
Kubernetes Security Review is a specialized security analysis tool that scans Kubernetes YAML manifests for vulnerabilities, misconfigurations, and deviations from industry security best practices. Organizations using Kubernetes in production environments can leverage this tool to identify and remediate security gaps before deployment.
The tool performs comprehensive static analysis on Kubernetes resources, detecting issues such as missing security contexts, overly permissive RBAC configurations, exposed secrets, resource limits violations, and container image best practices. This proactive approach helps prevent common Kubernetes security incidents and ensures compliance with organizational security policies.
Ideal users include DevOps engineers, platform security teams, Kubernetes administrators, and organizations implementing security-as-code practices. The tool integrates seamlessly into CI/CD pipelines, policy enforcement workflows, and infrastructure-as-code validation processes.
## Usage
### Sample Request
```json
{
"yaml_content": "apiVersion: v1\nkind: Pod\nmetadata:\n name: web-app\n namespace: production\nspec:\n containers:\n - name: nginx\n image: nginx:latest\n ports:\n - containerPort: 80\n securityContext:\n runAsNonRoot: false\n privileged: true\n resources:\n requests:\n memory: \"64Mi\"\n cpu: \"250m\"\n volumeMounts:\n - name: config\n mountPath: /etc/config\n volumes:\n - name: config\n secret:\n secretName: db-credentials"
}
```
### Sample Response
```json
{
"manifest_valid": true,
"findings": [
{
"severity": "HIGH",
"rule_id": "K8S-001",
"category": "Security Context",
"message": "Container running in privileged mode - potential security risk",
"resource": "Pod/web-app/containers/nginx",
"recommendation": "Set privileged: false and use specific capabilities instead"
},
{
"severity": "HIGH",
"rule_id": "K8S-002",
"category": "Container Image",
"message": "Using image tag 'latest' is not recommended in production",
"resource": "Pod/web-app/containers/nginx",
"recommendation": "Pin image to a specific version tag (e.g., nginx:1.25.3)"
},
{
"severity": "MEDIUM",
"rule_id": "K8S-003",
"category": "Security Context",
"message": "Container should run as non-root user",
"resource": "Pod/web-app/containers/nginx",
"recommendation": "Set runAsNonRoot: true and specify a non-zero uid"
},
{
"severity": "MEDIUM",
"rule_id": "K8S-004",
"category": "Pod Security",
"message": "Pod does not enforce read-only root filesystem",
"resource": "Pod/web-app",
"recommendation": "Set readOnlyRootFilesystem: true where possible"
}
],
"summary": {
"total_findings": 4,
"high_severity": 2,
"medium_severity": 2,
"low_severity": 0,
"compliance_score": 65
}
}
```
## Endpoints
### POST /review-k8s
Analyzes a Kubernetes YAML manifest for security issues, misconfigurations, and best practices violations.
**Method:** `POST`
**Path:** `/review-k8s`
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `yaml_content` | string | Yes | Complete Kubernetes YAML manifest as a string. Can include single or multiple resources (Pods, Deployments, Services, ConfigMaps, Secrets, RBAC definitions, Network Policies, etc.). |
**Request Body:**
```json
{
"yaml_content": "<kubernetes-yaml-manifest>"
}
```
**Response (200 OK):**
Returns a comprehensive security analysis report including:
- `manifest_valid`: Boolean indicating if YAML is syntactically valid
- `findings`: Array of security findings, each containing:
- `severity`: One of HIGH, MEDIUM, LOW
- `rule_id`: Unique identifier for the security rule
- `category`: Type of finding (e.g., Security Context, Container Image, Pod Security, RBAC, Secrets Management)
- `message`: Detailed description of the issue
- `resource`: Kubernetes resource path affected
- `recommendation`: Remediation guidance
- `summary`: Aggregate statistics including total findings, severity breakdown, and compliance score
**Response (422 Validation Error):**
Returned when the request payload fails validation.
```json
{
"detail": [
{
"loc": ["body", "yaml_content"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/security/k8s-security-review
- **API Docs:** https://api.mkkpro.com:8022/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Kubernetes Security Review",
"version": "0.1.0"
},
"paths": {
"/review-k8s": {
"post": {
"summary": "Review Kubernetes Yaml",
"operationId": "review_kubernetes_yaml_review_k8s_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/K8sInput"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"K8sInput": {
"properties": {
"yaml_content": {
"type": "string",
"title": "Yaml Content"
}
},
"type": "object",
"required": [
"yaml_content"
],
"title": "K8sInput"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Generates industry-specific and region-specific compliance checklists to streamline regulatory adherence and audit preparation.
---
name: Compliance Checklist Generator
description: Generates industry-specific and region-specific compliance checklists to streamline regulatory adherence and audit preparation.
---
# Overview
The Compliance Checklist Generator is a specialized API designed to automate the creation of compliance checklists tailored to your organization's industry and regulatory region. This tool eliminates manual checklist creation by leveraging compliance frameworks and regulatory requirements specific to your operational context.
By providing your industry vertical and geographic region, the API returns a comprehensive, actionable checklist that aligns with relevant compliance standards, regulations, and best practices. This significantly reduces the time and expertise required to prepare for audits, maintain regulatory compliance, and implement governance controls.
The Compliance Checklist Generator is ideal for security teams, compliance officers, risk managers, and internal audit functions seeking to standardize compliance assessment processes and ensure consistent coverage of regulatory requirements across their organization.
## Usage
**Sample Request:**
```json
{
"industry": "Financial Services",
"region": "United States"
}
```
**Sample Response:**
```json
{
"checklist_id": "ccg-20250115-fs-us-001",
"industry": "Financial Services",
"region": "United States",
"generated_at": "2025-01-15T14:32:18Z",
"checklist_items": [
{
"id": 1,
"category": "Data Security",
"requirement": "Implement encryption for data in transit and at rest",
"framework": "NIST Cybersecurity Framework",
"status": "pending"
},
{
"id": 2,
"category": "Access Control",
"requirement": "Enforce multi-factor authentication for all user accounts",
"framework": "SOC 2 Type II",
"status": "pending"
},
{
"id": 3,
"category": "Audit & Monitoring",
"requirement": "Maintain audit logs for a minimum of 7 years",
"framework": "SEC Regulations",
"status": "pending"
}
],
"total_items": 3,
"estimated_completion_hours": 120
}
```
## Endpoints
### POST /generate-checklist
**Description:** Generates a compliance checklist customized for the specified industry and region.
**Method:** POST
**Path:** `/generate-checklist`
**Request Parameters:**
| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
| `industry` | string | Yes | The industry vertical for which the checklist is generated (e.g., "Financial Services", "Healthcare", "E-commerce", "Technology") |
| `region` | string | Yes | The geographic region or jurisdiction for which compliance requirements apply (e.g., "United States", "European Union", "Asia-Pacific", "Canada") |
**Response Schema (200 - Success):**
The successful response returns a JSON object containing:
- `checklist_id` (string): Unique identifier for the generated checklist
- `industry` (string): The requested industry
- `region` (string): The requested region
- `generated_at` (string): ISO 8601 timestamp of generation
- `checklist_items` (array): Array of compliance items, each containing:
- `id` (integer): Item identifier
- `category` (string): Compliance category (e.g., "Data Security", "Access Control")
- `requirement` (string): Specific compliance requirement
- `framework` (string): Applicable compliance framework (e.g., "NIST", "SOC 2", "GDPR")
- `status` (string): Current status of the item
- `total_items` (integer): Total number of checklist items
- `estimated_completion_hours` (integer): Estimated effort to complete all items
**Error Responses:**
| Status Code | Description |
|------------|-------------|
| 422 | Validation Error – Missing or invalid required parameters (`industry` or `region`) |
**Validation Error Response (422):**
```json
{
"detail": [
{
"loc": ["body", "industry"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/compliance/checklist-generator
- **API Docs:** https://api.mkkpro.com:8020/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Compliance Checklist Generator",
"version": "0.1.0"
},
"paths": {
"/generate-checklist": {
"post": {
"summary": "Generate Checklist",
"operationId": "generate_checklist_generate_checklist_post",
"requestBody": {
"content": {
"application/x-www-form-urlencoded": {
"schema": {
"$ref": "#/components/schemas/Body_generate_checklist_generate_checklist_post"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"Body_generate_checklist_generate_checklist_post": {
"properties": {
"industry": {
"type": "string",
"title": "Industry"
},
"region": {
"type": "string",
"title": "Region"
}
},
"type": "object",
"required": [
"industry",
"region"
],
"title": "Body_generate_checklist_generate_checklist_post"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Validates cloud infrastructure configurations against industry compliance standards and regulatory frameworks.
---
name: Cloud Compliance Checker
description: Validates cloud infrastructure configurations against industry compliance standards and regulatory frameworks.
---
# Overview
The Cloud Compliance Checker is a powerful API for auditing cloud infrastructure against multiple compliance standards and regulatory requirements. It enables security teams, cloud architects, and compliance officers to systematically verify that their cloud deployments meet required security postures and compliance benchmarks.
This tool supports major cloud providers and compliance frameworks, allowing organizations to perform automated compliance validation on their cloud configurations. Whether you're preparing for a security audit, maintaining continuous compliance, or validating infrastructure-as-code deployments, this API provides rapid, standardized compliance assessment against recognized standards.
Ideal users include DevSecOps teams automating compliance checks in CI/CD pipelines, cloud security engineers validating multi-cloud deployments, compliance auditors performing infrastructure reviews, and organizations managing regulatory obligations across diverse cloud environments.
## Usage
**Example Request:**
```json
{
"provider": "aws",
"standard": "cis",
"config": "{\"region\": \"us-east-1\", \"scan_type\": \"full\"}"
}
```
**Example Response:**
```json
{
"compliance_status": "passed",
"provider": "aws",
"standard": "cis",
"checks_performed": 156,
"checks_passed": 154,
"checks_failed": 2,
"compliance_percentage": 98.7,
"failed_checks": [
{
"check_id": "CIS-1.2",
"title": "Ensure MFA is enabled for all IAM users",
"severity": "high",
"resource": "iam-user-admin"
},
{
"check_id": "CIS-2.1",
"title": "Ensure CloudTrail is enabled on all regions",
"severity": "medium",
"resource": "eu-west-1"
}
],
"timestamp": "2024-01-15T10:30:00Z",
"scan_duration_seconds": 42
}
```
## Endpoints
### POST /check-compliance
Performs a comprehensive compliance audit against specified cloud provider and compliance standard.
**Method:** `POST`
**Path:** `/check-compliance`
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `provider` | string | Yes | Cloud provider identifier (e.g., `aws`, `azure`, `gcp`, `kubernetes`) |
| `standard` | string | Yes | Compliance framework or standard (e.g., `cis`, `pci-dss`, `hipaa`, `sox`, `nist`, `iso27001`) |
| `config` | string | No | JSON string containing provider-specific configuration options. Default: `"{}"`. Supports parameters like region, scan_type, resource_filters, etc. |
**Response (200 - Success):**
Returns a JSON object containing:
- `compliance_status`: Overall status (passed/failed/warning)
- `provider`: The cloud provider checked
- `standard`: The compliance standard used
- `checks_performed`: Total number of compliance checks executed
- `checks_passed`: Number of passing checks
- `checks_failed`: Number of failing checks
- `compliance_percentage`: Percentage of checks passed
- `failed_checks`: Array of failed checks with check_id, title, severity, and resource
- `timestamp`: UTC timestamp of the scan
- `scan_duration_seconds`: Time taken to complete the audit
**Response (422 - Validation Error):**
Returns validation error details when required parameters are missing or invalid.
```json
{
"detail": [
{
"loc": ["body", "provider"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/compliance/cloud-compliance
- **API Docs:** https://api.mkkpro.com:8019/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Cloud Compliance Checker",
"version": "0.1.0"
},
"paths": {
"/check-compliance": {
"post": {
"summary": "Check Compliance",
"operationId": "check_compliance_check_compliance_post",
"requestBody": {
"content": {
"application/x-www-form-urlencoded": {
"schema": {
"$ref": "#/components/schemas/Body_check_compliance_check_compliance_post"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"Body_check_compliance_check_compliance_post": {
"properties": {
"provider": {
"type": "string",
"title": "Provider"
},
"standard": {
"type": "string",
"title": "Standard"
},
"config": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"title": "Config",
"default": "{}"
}
},
"type": "object",
"required": [
"provider",
"standard"
],
"title": "Body_check_compliance_check_compliance_post"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Automated security scanner for identifying and reporting misconfigurations across cloud infrastructure providers.
---
name: Cloud Misconfiguration Scanner
description: Automated security scanner for identifying and reporting misconfigurations across cloud infrastructure providers.
---
# Overview
The Cloud Misconfiguration Scanner is a security-focused API that analyzes cloud infrastructure configurations to identify potential security risks, compliance violations, and operational misconfigurations. It connects to major cloud providers and performs comprehensive audits of your cloud environment without requiring direct infrastructure changes.
This tool is essential for security teams, DevOps engineers, and cloud architects who need continuous visibility into their cloud security posture. By automating configuration scanning, it reduces the time and effort required for manual security assessments while providing detailed, actionable remediation guidance. The scanner integrates seamlessly with multi-cloud environments and supports automated compliance reporting workflows.
Ideal users include organizations managing infrastructure across AWS, Azure, Google Cloud, or hybrid cloud environments; security and compliance teams performing regular audits; and enterprises implementing Infrastructure-as-Code (IaC) security practices.
## Usage
**Sample Request:**
```json
{
"provider": "aws",
"credentials": {
"access_key_id": "AKIAIOSFODNN7EXAMPLE",
"secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1"
}
}
```
**Sample Response:**
```json
{
"scan_id": "scan_1234567890",
"provider": "aws",
"status": "completed",
"timestamp": "2024-01-15T10:30:45Z",
"findings": [
{
"id": "MISCFG-001",
"severity": "high",
"category": "access_control",
"resource": "s3://my-bucket-prod",
"issue": "S3 bucket has public read access enabled",
"recommendation": "Update bucket policy to restrict public access",
"compliance_impact": ["PCI-DSS", "HIPAA"]
},
{
"id": "MISCFG-002",
"severity": "medium",
"category": "encryption",
"resource": "rds-instance-main",
"issue": "Database encryption at rest is disabled",
"recommendation": "Enable RDS encryption and rotate master key",
"compliance_impact": ["SOC2"]
}
],
"summary": {
"total_resources_scanned": 247,
"misconfiguration_count": 12,
"high_severity": 2,
"medium_severity": 5,
"low_severity": 5
}
}
```
## Endpoints
### POST /scan-cloud-config
Initiates a comprehensive security scan of cloud infrastructure configurations for the specified provider.
**Method:** `POST`
**Path:** `/scan-cloud-config`
**Description:** Scans cloud configurations and identifies security misconfigurations, compliance violations, and operational risks across the target environment.
**Request Parameters:**
| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
| `provider` | string | Yes | Cloud provider identifier (e.g., `aws`, `azure`, `gcp`, `alibaba`) |
| `credentials` | object | Yes | Provider-specific authentication credentials including access keys, secret keys, tokens, or service account data required to authenticate and access cloud resources |
**Response Shape (HTTP 200):**
```json
{
"scan_id": "string",
"provider": "string",
"status": "string",
"timestamp": "string",
"findings": [
{
"id": "string",
"severity": "string",
"category": "string",
"resource": "string",
"issue": "string",
"recommendation": "string",
"compliance_impact": ["string"]
}
],
"summary": {
"total_resources_scanned": "integer",
"misconfiguration_count": "integer",
"high_severity": "integer",
"medium_severity": "integer",
"low_severity": "integer"
}
}
```
**Error Response (HTTP 422 - Validation Error):**
```json
{
"detail": [
{
"loc": ["body", "provider"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/security/cloud-misconfig-scanner
- **API Docs:** https://api.mkkpro.com:8018/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Cloud Misconfiguration Scanner",
"version": "0.1.0"
},
"paths": {
"/scan-cloud-config": {
"post": {
"summary": "Scan Cloud Config",
"operationId": "scan_cloud_config_scan_cloud_config_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/CloudScanRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"CloudScanRequest": {
"properties": {
"provider": {
"type": "string",
"title": "Provider"
},
"credentials": {
"type": "object",
"title": "Credentials"
}
},
"type": "object",
"required": [
"provider",
"credentials"
],
"title": "CloudScanRequest"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Generates creative and detailed prompts for AI art generation based on user-specified themes.
---
name: AI Art Prompt Generator API
description: Generates creative and detailed prompts for AI art generation based on user-specified themes.
---
# Overview
The AI Art Prompt Generator API is a specialized service designed to create high-quality, detailed prompts optimized for AI art generation tools. By analyzing a user-provided theme, the API generates contextually relevant and creatively structured prompts that enhance the quality and consistency of AI-generated artwork.
This tool is ideal for digital artists, content creators, designers, and AI enthusiasts who want to streamline their creative workflow. Rather than manually crafting prompts through trial and error, users can input a theme and receive professionally structured prompts ready for use with popular AI art platforms such as DALL-E, Midjourney, Stable Diffusion, and others.
The API handles prompt engineering complexity behind the scenes, allowing creators to focus on their artistic vision while ensuring their AI art generation requests are optimized for best results.
## Usage
### Example Request
```json
{
"theme": "cyberpunk city at night with neon lights and flying cars"
}
```
### Example Response
```json
{
"prompt": "A dystopian cyberpunk metropolis at midnight, neon holographic advertisements casting electric blues and magentas across sleek skyscrapers. Flying vehicles with LED trails navigate above crowded streets. Rain-slicked surfaces reflect glowing storefronts and digital billboards. High-tech aesthetic, cinematic lighting, ultra-detailed, 8k resolution, cyberpunk 2077 style, volumetric fog, ray tracing",
"theme": "cyberpunk city at night with neon lights and flying cars",
"variations": [
"Overhead drone view of a neon-lit cyberpunk cityscape with autonomous air traffic",
"Street-level perspective of a rain-soaked cyberpunk alley with holographic vendors"
]
}
```
## Endpoints
### POST /generate-prompt
**Description:** Generates an AI art prompt based on a provided theme.
**Method:** POST
**Path:** `/generate-prompt`
**Request Body:**
| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
| theme | string | Yes | The artistic theme or concept to generate a prompt for. Can include style preferences, mood, composition details, or any creative direction. |
**Response:**
Returns a 200 status code with a JSON object containing:
- `prompt` (string): The generated AI art prompt, optimized for use with AI art generation tools
- `theme` (string): Echo of the input theme
- `variations` (array of strings): Alternative prompt variations based on the same theme
**Error Responses:**
- **422 Validation Error:** Returned when the request is malformed or required parameters are missing.
- Response includes a `detail` array with validation error objects containing:
- `loc` (array): Location of the error in the request
- `msg` (string): Description of the validation error
- `type` (string): Type of validation error
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/creative/ai-art-prompt
- **API Docs:** https://api.mkkpro.com:8017/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "AI Art Prompt Generator API",
"version": "0.1.0"
},
"paths": {
"/generate-prompt": {
"post": {
"summary": "Generate Prompt",
"operationId": "generate_prompt_generate_prompt_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PromptRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"PromptRequest": {
"properties": {
"theme": {
"type": "string",
"title": "Theme"
}
},
"type": "object",
"required": [
"theme"
],
"title": "PromptRequest"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Analyzes email headers to extract authentication, routing, and security metadata for threat detection and email forensics.
---
name: Email Header Analyser API
description: Analyzes email headers to extract authentication, routing, and security metadata for threat detection and email forensics.
---
# Overview
The Email Header Analyser API provides deep inspection and forensic analysis of email message headers. Security professionals, incident responders, and email administrators use this tool to identify spoofing attempts, trace message routing, validate authentication protocols (SPF, DKIM, DMARC), and detect malicious headers.
Email headers contain critical metadata that reveals the true origin of messages, intermediate mail servers, and authentication status. This API parses raw headers and extracts actionable intelligence for phishing investigations, compliance audits, and email security operations.
Ideal users include SOC analysts, email security teams, incident response professionals, forensic investigators, and organizations requiring email authentication verification and threat intelligence capabilities.
## Usage
### Sample Request
```json
{
"header": "Received: from mail.example.com (mail.example.com [192.0.2.1]) by mx.targetdomain.com with SMTP id abc123; Wed, 15 Jan 2025 10:30:45 +0000\nFrom: [email protected]\nTo: [email protected]\nSubject: Security Analysis\nAuthentication-Results: targetdomain.com; spf=pass [email protected]; dkim=pass header.d=example.com; dmarc=pass\nReturn-Path: <[email protected]>\nDate: Wed, 15 Jan 2025 10:30:45 +0000"
}
```
### Sample Response
```json
{
"sender_ip": "192.0.2.1",
"sender_domain": "mail.example.com",
"from_address": "[email protected]",
"to_address": "[email protected]",
"received_servers": [
{
"hostname": "mail.example.com",
"ip": "192.0.2.1",
"timestamp": "2025-01-15T10:30:45Z"
},
{
"hostname": "mx.targetdomain.com",
"ip": null,
"timestamp": null
}
],
"authentication": {
"spf": "pass",
"dkim": "pass",
"dmarc": "pass"
},
"subject": "Security Analysis",
"date": "2025-01-15T10:30:45Z",
"return_path": "[email protected]",
"suspicious_indicators": []
}
```
## Endpoints
### POST /analyze-header
Analyzes a raw email header to extract authentication, routing, and security metadata.
**Method:** POST
**Path:** `/analyze-header`
**Request Parameters:**
| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
| header | string | Yes | Raw email header text containing one or more Received headers, authentication headers, and message metadata. |
**Response Schema:**
The response contains extracted header analysis including:
| Field | Type | Description |
|-------|------|-------------|
| sender_ip | string | IP address of the originating mail server. |
| sender_domain | string | Hostname of the originating mail server. |
| from_address | string | Email address in the From header. |
| to_address | string | Email address in the To header. |
| received_servers | array | List of mail servers in the routing path with hostname, IP, and timestamp. |
| authentication | object | Authentication protocol results (spf, dkim, dmarc status). |
| subject | string | Email subject line. |
| date | string | Message date in ISO 8601 format. |
| return_path | string | Return-Path header value. |
| suspicious_indicators | array | List of detected anomalies or security concerns. |
**Status Codes:**
- **200:** Successful analysis returned.
- **422:** Validation error—header field missing or invalid.
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- Kong Route: https://api.mkkpro.com/security/email-header-analyser
- API Docs: https://api.mkkpro.com:8016/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Email Header Analyser API",
"version": "0.1.0"
},
"paths": {
"/analyze-header": {
"post": {
"summary": "Analyze Header",
"operationId": "analyze_header_analyze_header_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HeaderRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"HeaderRequest": {
"properties": {
"header": {
"type": "string",
"title": "Header"
}
},
"type": "object",
"required": [
"header"
],
"title": "HeaderRequest"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Generate customized compliance checklists for GDPR and PCI-DSS standards based on company type.
---
name: GDPR/PCI Compliance Checklist
description: Generate customized compliance checklists for GDPR and PCI-DSS standards based on company type.
---
# Overview
The GDPR/PCI Compliance Checklist API provides organizations with automated, tailored compliance validation frameworks for data protection and payment card security regulations. By specifying your company type, you receive a structured checklist aligned with both General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS) requirements.
This tool is essential for compliance teams, security officers, and organizations handling sensitive customer data or payment information. It eliminates the need for manual checklist creation and ensures consistency with regulatory expectations. The API generates pragmatic, actionable items that guide implementation and audit readiness across multiple compliance domains.
Ideal users include fintech companies, e-commerce platforms, SaaS providers, healthcare organizations, and any enterprise subject to GDPR or PCI-DSS obligations. Security teams use this API during risk assessments, audit preparation, and compliance program design phases.
## Usage
**Sample Request:**
```json
{
"company_type": "fintech"
}
```
**Sample Response:**
```json
{
"company_type": "fintech",
"framework": "GDPR/PCI-DSS",
"checklist_items": [
{
"id": "gdpr_001",
"category": "Data Governance",
"requirement": "Implement Data Protection Impact Assessment (DPIA) for high-risk processing",
"standard": "GDPR Article 35",
"status": "pending"
},
{
"id": "pci_001",
"category": "Network Security",
"requirement": "Maintain firewall configuration standards and restrict cardholder data access",
"standard": "PCI-DSS 1.1",
"status": "pending"
},
{
"id": "gdpr_002",
"category": "User Rights",
"requirement": "Establish process for responding to data subject access requests within 30 days",
"standard": "GDPR Article 15",
"status": "pending"
},
{
"id": "pci_002",
"category": "Encryption",
"requirement": "Encrypt transmission of cardholder data across public networks using TLS 1.2+",
"standard": "PCI-DSS 4.1",
"status": "pending"
}
],
"generated_at": "2024-01-15T09:32:00Z"
}
```
## Endpoints
### POST /checklist
**Description:** Generate a customized GDPR/PCI-DSS compliance checklist based on company type.
**Method:** `POST`
**Path:** `/checklist`
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `company_type` | string | Yes | Classification of your organization (e.g., "fintech", "ecommerce", "saas", "healthcare", "retailer"). Determines which compliance items are prioritized and included in the checklist. |
**Request Body:**
```json
{
"company_type": "string"
}
```
**Response (200 - Success):**
Returns a JSON object containing:
- `company_type`: The submitted company classification
- `framework`: Compliance standards applied
- `checklist_items`: Array of compliance requirements with fields:
- `id`: Unique identifier for the checklist item
- `category`: Compliance domain (e.g., "Data Governance", "Network Security", "Encryption")
- `requirement`: Detailed description of the requirement
- `standard`: Regulatory reference (GDPR Article or PCI-DSS requirement)
- `status`: Current status (pending, in-progress, completed)
- `generated_at`: ISO 8601 timestamp of checklist generation
**Response (422 - Validation Error):**
Returns validation error details when `company_type` is missing or invalid:
```json
{
"detail": [
{
"loc": ["body", "company_type"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/compliance/gdpr-pci-checklist
- **API Docs:** https://api.mkkpro.com:8015/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "GDPR/PCI Compliance Checklist",
"version": "0.1.0"
},
"paths": {
"/checklist": {
"post": {
"summary": "Get Compliance List",
"operationId": "get_compliance_list_checklist_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ComplianceRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"ComplianceRequest": {
"properties": {
"company_type": {
"type": "string",
"title": "Company Type"
}
},
"type": "object",
"required": [
"company_type"
],
"title": "ComplianceRequest"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Performs comprehensive security checks and compliance risk assessments on websites and applications.
---
name: Risk Assessment & Compliance
description: Performs comprehensive security checks and compliance risk assessments on websites and applications.
---
# Overview
Risk Assessment & Compliance is a security-focused API that evaluates web applications and websites for vulnerabilities, compliance violations, and security posture. It provides detailed risk assessments that help organizations identify potential security gaps, regulatory compliance issues, and remediation priorities.
This tool is essential for security teams, compliance officers, and DevOps engineers who need to continuously monitor and validate the security posture of their digital assets. The API performs deep security analysis including vulnerability detection, compliance framework alignment, and risk scoring to support informed security decisions.
Ideal users include security operations centers (SOCs), compliance teams, penetration testers, application security engineers, and organizations undergoing regulatory audits or security certifications.
## Usage
### Sample Request
```json
{
"url": "https://example.com"
}
```
### Sample Response
```json
{
"url": "https://example.com",
"security_score": 78,
"compliance_status": "PARTIAL",
"vulnerabilities": [
{
"type": "Missing Security Header",
"severity": "High",
"header": "Strict-Transport-Security",
"remediation": "Add HSTS header with max-age of at least 31536000 seconds"
}
],
"compliance_frameworks": {
"PCI-DSS": "Non-Compliant",
"OWASP": "Compliant",
"GDPR": "Partial"
},
"risk_level": "Medium",
"assessment_timestamp": "2024-01-15T10:30:45Z"
}
```
## Endpoints
### Security Check
**Method:** `POST`
**Path:** `/security-check`
**Description:** Performs a comprehensive security check and compliance risk assessment on a specified URL. Analyzes the target website for common vulnerabilities, security headers, compliance violations, and generates a risk assessment report.
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `url` | string | Yes | The complete URL of the website or application to assess (must include protocol, e.g., `https://example.com`) |
**Response (200 - Success):**
Returns a JSON object containing:
- `url`: The assessed URL
- `security_score`: Numeric score (0-100) indicating overall security posture
- `compliance_status`: Status of compliance (Compliant, Partial, Non-Compliant)
- `vulnerabilities`: Array of identified vulnerabilities with severity and remediation guidance
- `compliance_frameworks`: Assessment against industry standards (PCI-DSS, OWASP, GDPR, etc.)
- `risk_level`: Overall risk classification (Low, Medium, High, Critical)
- `assessment_timestamp`: ISO 8601 timestamp of assessment execution
**Response (422 - Validation Error):**
Returns validation error details including:
- `detail`: Array of validation errors with location, message, and error type
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/compliance/risk-assessment
- **API Docs:** https://api.mkkpro.com:8014/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Risk Assessment & Compliance",
"version": "0.1.0"
},
"paths": {
"/security-check": {
"post": {
"summary": "Security Check",
"operationId": "security_check_security_check_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/SiteRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"SiteRequest": {
"properties": {
"url": {
"type": "string",
"title": "Url"
}
},
"type": "object",
"required": [
"url"
],
"title": "SiteRequest"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Analyzes uploaded files to detect suspicious characteristics and potential security threats.
---
name: Suspicious File Scanner
description: Analyzes uploaded files to detect suspicious characteristics and potential security threats.
---
# Overview
The Suspicious File Scanner is a security-focused API that analyzes files to identify potentially malicious or suspicious characteristics. By leveraging advanced threat detection techniques, this tool helps organizations screen files before they enter their systems, reducing the risk of malware infections, ransomware, and other file-based attacks.
This API is ideal for security teams, developers building defense-in-depth solutions, and organizations that need automated file validation as part of their security workflows. Whether you're protecting email gateways, web upload portals, or endpoint systems, the Suspicious File Scanner provides rapid threat assessment to complement your existing security infrastructure.
The tool processes files through multiple detection heuristics and returns comprehensive analysis results, enabling you to make informed decisions about file acceptance or quarantine. Integration is straightforward via multipart file uploads, making it easy to embed file scanning into existing applications.
## Usage
**Scan a file for suspicious characteristics:**
```json
POST /scan-file
Content-Type: multipart/form-data
file: [binary file data]
```
**Sample Request:**
Upload a file using multipart form data. Most HTTP clients handle this automatically:
```bash
curl -X POST \
-F "file=@/path/to/sample.exe" \
https://api.mkkpro.com/security/suspicious-file-scanner/scan-file
```
**Sample Response:**
```json
{
"filename": "sample.exe",
"file_size": 245760,
"file_type": "application/x-msdownload",
"scan_timestamp": "2024-01-15T10:32:45Z",
"threat_detected": true,
"threat_level": "high",
"threat_indicators": [
{
"indicator": "executable_packed",
"description": "File appears to be packed or obfuscated",
"confidence": 0.95
},
{
"indicator": "suspicious_imports",
"description": "Contains suspicious Windows API imports",
"confidence": 0.87
}
],
"recommendation": "quarantine"
}
```
## Endpoints
### POST /scan-file
**Description:** Scans an uploaded file for suspicious characteristics and potential threats.
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| file | binary | Yes | The file to scan. Accepts any file type. Submit as multipart form-data. |
**Response Schema (200 OK):**
The response contains detailed analysis results for the scanned file:
```json
{
"filename": "string",
"file_size": "integer",
"file_type": "string",
"scan_timestamp": "string (ISO 8601)",
"threat_detected": "boolean",
"threat_level": "string (low, medium, high, critical)",
"threat_indicators": [
{
"indicator": "string",
"description": "string",
"confidence": "number (0.0-1.0)"
}
],
"recommendation": "string (allow, review, quarantine)"
}
```
**Error Response (422 Validation Error):**
```json
{
"detail": [
{
"loc": ["body", "file"],
"msg": "Field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- [toolweb.in](https://toolweb.in)
- [portal.toolweb.in](https://portal.toolweb.in)
- [hub.toolweb.in](https://hub.toolweb.in)
- [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/security/suspicious-file-scanner
- **API Docs:** https://api.mkkpro.com:8013/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Suspicious File Scanner",
"version": "0.1.0"
},
"paths": {
"/scan-file": {
"post": {
"summary": "Scan File",
"operationId": "scan_file_scan_file_post",
"requestBody": {
"content": {
"multipart/form-data": {
"schema": {
"$ref": "#/components/schemas/Body_scan_file_scan_file_post"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"Body_scan_file_scan_file_post": {
"properties": {
"file": {
"type": "string",
"format": "binary",
"title": "File"
}
},
"type": "object",
"required": [
"file"
],
"title": "Body_scan_file_scan_file_post"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Aggregates and analyzes open-source intelligence (OSINT) data from multiple sources to identify threats, validate indicators, and enrich security investigati...
---
name: Threat Intelligence Aggregator
description: Aggregates and analyzes open-source intelligence (OSINT) data from multiple sources to identify threats, validate indicators, and enrich security investigations.
---
# Overview
The Threat Intelligence Aggregator is a security-focused API that collects, normalizes, and correlates open-source intelligence (OSINT) data across public and proprietary threat feeds. It enables security teams to rapidly enrich indicators of compromise (IoCs)—including IP addresses, domains, file hashes, and email addresses—with contextual threat intelligence, reputation scores, and historical breach data.
This tool is essential for SOC analysts, threat hunters, and incident responders who need rapid validation of suspicious artifacts during investigations. By querying a unified aggregation layer rather than consulting dozens of separate feeds, teams reduce investigation time, improve accuracy, and maintain consistent threat scoring across the organization.
The API is ideal for security operations centers (SOCs), managed security service providers (MSSPs), threat intelligence platforms (TIPs), and enterprise security teams building custom detection and response workflows.
## Usage
### Sample Request
```json
{
"input": "192.168.1.100"
}
```
### Sample Response
```json
{
"indicator": "192.168.1.100",
"indicator_type": "ipv4",
"reputation_score": 72,
"threat_level": "high",
"sources": [
{
"name": "AbuseIPDB",
"reports": 145,
"last_seen": "2024-01-15T09:32:00Z"
},
{
"name": "Shodan",
"services": ["SSH", "HTTP"],
"last_scanned": "2024-01-14T18:20:00Z"
}
],
"associated_malware": [
"Emotet",
"Trickbot"
],
"geolocation": {
"country": "RU",
"city": "Moscow",
"asn": "AS8452"
},
"whois_data": {
"registrar": "RIPE NCC",
"registered": "2015-03-22"
},
"confidence": 0.89,
"last_updated": "2024-01-15T10:45:00Z"
}
```
## Endpoints
### POST /osint-lookup
**Description:** Performs open-source intelligence lookup on a provided indicator. Aggregates threat data from multiple sources and returns enriched threat intelligence including reputation scores, geolocation, associated malware, and source attribution.
**Request Parameters:**
| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
| `input` | string | Yes | The indicator to query. Supports IPv4/IPv6 addresses, fully qualified domain names (FQDNs), email addresses, file hashes (MD5, SHA-1, SHA-256), and URLs. |
**Response Schema (200 OK):**
```json
{
"indicator": "string",
"indicator_type": "string",
"reputation_score": "number",
"threat_level": "string",
"sources": [
{
"name": "string",
"reports": "integer",
"last_seen": "string (ISO 8601)"
}
],
"associated_malware": ["string"],
"geolocation": {
"country": "string",
"city": "string",
"asn": "string"
},
"whois_data": {
"registrar": "string",
"registered": "string"
},
"confidence": "number",
"last_updated": "string (ISO 8601)"
}
```
**Error Response (422 Validation Error):**
```json
{
"detail": [
{
"loc": ["body", "input"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** `https://api.mkkpro.com/security/threat-intel-v2`
- **API Docs:** `https://api.mkkpro.com:8011/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Threat Intelligence Aggregator",
"version": "0.1.0"
},
"paths": {
"/osint-lookup": {
"post": {
"summary": "Osint Lookup",
"operationId": "osint_lookup_osint_lookup_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/OSINTQuery"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"OSINTQuery": {
"properties": {
"input": {
"type": "string",
"title": "Input"
}
},
"type": "object",
"required": [
"input"
],
"title": "OSINTQuery"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Scan and identify Common Vulnerabilities and Exposures (CVEs) in software components and dependencies.
---
name: CVE Scanner
description: Scan and identify Common Vulnerabilities and Exposures (CVEs) in software components and dependencies.
---
```
# Overview
The CVE Scanner is a security-focused API that enables developers, security teams, and DevOps professionals to rapidly identify and assess Common Vulnerabilities and Exposures (CVEs) affecting their software supply chain. By submitting package names, versions, or vulnerability identifiers, users receive comprehensive CVE data including severity ratings, affected versions, and remediation guidance.
This tool integrates seamlessly into CI/CD pipelines, vulnerability management workflows, and security audits. It leverages authoritative CVE databases to deliver accurate, up-to-date intelligence on software vulnerabilities, helping organizations prioritize patching efforts and reduce risk exposure.
Ideal users include security engineers, application developers, DevOps teams, and compliance officers who need rapid, reliable CVE lookup capabilities integrated into automated security workflows.
## Usage
### Sample Request
```json
{
"query": "log4j 2.14.1"
}
```
### Sample Response
```json
{
"vulnerabilities": [
{
"cve_id": "CVE-2021-44228",
"title": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"severity": "CRITICAL",
"cvss_score": 10.0,
"affected_versions": [
"2.0-beta9 through 2.15.0"
],
"description": "Apache Log4j2 versions less than 2.16.0 are vulnerable to remote code execution via JNDI injection.",
"published_date": "2021-12-10",
"updated_date": "2024-01-15",
"remediation": "Upgrade to Log4j 2.16.0 or later"
}
],
"query_timestamp": "2024-01-20T14:32:15Z",
"total_vulnerabilities_found": 1
}
```
## Endpoints
### POST /scan-cve
Scan for Common Vulnerabilities and Exposures matching a given query string.
**Method:** POST
**Path:** `/scan-cve`
**Request Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `query` | string | Yes | The search query for CVE scanning. Can be a package name, version string, CVE identifier (e.g., "CVE-2021-44228"), or component name. |
**Request Body (application/json):**
```json
{
"query": "string"
}
```
**Response (200 - Success):**
Returns a JSON object containing matched CVE records with vulnerability details, severity information, affected versions, and recommended remediation steps.
**Response (422 - Validation Error):**
Returns validation error details when the request schema is invalid or required fields are missing.
```json
{
"detail": [
{
"loc": ["body", "query"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** `https://api.mkkpro.com/security/cve-scanner`
- **API Docs:** `https://api.mkkpro.com:8010/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "CVE Scanner",
"version": "0.1.0"
},
"paths": {
"/scan-cve": {
"post": {
"summary": "Scan Cve",
"operationId": "scan_cve_scan_cve_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/CVEQuery"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"CVEQuery": {
"properties": {
"query": {
"type": "string",
"title": "Query"
}
},
"type": "object",
"required": [
"query"
],
"title": "CVEQuery"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Aggregates and analyzes threat intelligence data to check targets against known threats and security risks.
---
name: Threat Intelligence Aggregator
description: Aggregates and analyzes threat intelligence data to check targets against known threats and security risks.
---
# Overview
The Threat Intelligence Aggregator is a security-focused API that enables rapid threat assessment by cross-referencing targets against aggregated threat intelligence databases. Built for security teams, incident responders, and compliance professionals, this tool consolidates threat data from multiple sources to provide actionable intelligence on IPs, domains, file hashes, and other indicators of compromise.
This API is ideal for organizations that need real-time threat visibility without managing multiple third-party integrations. Whether you're conducting incident response, performing due diligence on external entities, or automating security workflows, the Threat Intelligence Aggregator delivers comprehensive threat context in a single API call.
Key capabilities include rapid threat lookups, multi-source threat correlation, and detailed risk assessment data—all accessible through a simple, RESTful interface designed for integration into SOAR platforms, security dashboards, and automated response systems.
## Usage
### Sample Request
```json
{
"target": "192.168.1.100"
}
```
### Sample Response
```json
{
"target": "192.168.1.100",
"threat_status": "high_risk",
"findings": [
{
"source": "abusech",
"threat_type": "malware_c2",
"confidence": 95,
"last_seen": "2024-01-15T10:30:00Z"
},
{
"source": "otx",
"threat_type": "botnet",
"confidence": 87,
"last_seen": "2024-01-14T22:15:00Z"
}
],
"risk_score": 9.2,
"recommendations": [
"Block at firewall perimeter",
"Investigate network connections",
"Review logs for command execution"
],
"aggregated_at": "2024-01-16T08:45:22Z"
}
```
## Endpoints
### POST /check-threat
Analyzes a target against aggregated threat intelligence sources to identify known threats and security risks.
**Method:** POST
**Path:** `/check-threat`
**Description:** Submits a target (IP address, domain, file hash, or URL) for threat assessment. The API queries multiple threat intelligence feeds and returns consolidated findings with risk scoring and remediation recommendations.
**Request Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| target | string | Yes | The indicator to check: IP address, domain name, file hash (MD5/SHA1/SHA256), or URL |
**Response Schema:**
| Field | Type | Description |
|-------|------|-------------|
| target | string | The checked indicator |
| threat_status | string | Overall threat assessment: `clean`, `low_risk`, `medium_risk`, `high_risk`, `critical_risk` |
| findings | array | Array of threat findings from individual sources |
| findings[].source | string | Threat intelligence source (e.g., `abusech`, `otx`, `abuseipdb`) |
| findings[].threat_type | string | Classification of threat detected |
| findings[].confidence | integer | Confidence score 0-100 |
| findings[].last_seen | string | ISO 8601 timestamp of most recent observation |
| risk_score | number | Aggregated risk score 0-10 |
| recommendations | array | List of recommended remediation actions |
| aggregated_at | string | ISO 8601 timestamp of aggregation time |
**HTTP Status Codes:**
- `200 OK` — Threat check completed successfully
- `422 Unprocessable Entity` — Invalid request body or malformed target parameter
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** `https://api.mkkpro.com/security/threat-intel-aggregator`
- **API Docs:** `https://api.mkkpro.com:8009/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Threat Intelligence Aggregator",
"version": "0.1.0"
},
"paths": {
"/check-threat": {
"post": {
"summary": "Check Threat",
"operationId": "check_threat_check_threat_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ThreatRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ThreatRequest": {
"properties": {
"target": {
"type": "string",
"title": "Target"
}
},
"type": "object",
"required": [
"target"
],
"title": "ThreatRequest"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Crack and identify hashes by attempting to match them against known hash databases and common plaintext values.
---
name: Hash Finding Tool
description: Crack and identify hashes by attempting to match them against known hash databases and common plaintext values.
---
# Overview
The Hash Finding Tool is a security utility designed to identify the plaintext values behind cryptographic hashes. By leveraging extensive hash databases and intelligent matching algorithms, this tool helps security professionals, penetration testers, and incident responders quickly determine the original values of captured or discovered hashes.
This tool supports common hash types and performs rapid lookups against curated datasets of known hash-plaintext pairs. It is ideal for password auditing, forensic analysis, breach investigation, and general security research where hash identification is required.
Whether you're validating password strength in a security assessment or recovering plaintext from discovered hashes during an incident, the Hash Finding Tool provides fast, accurate results through a simple API interface.
## Usage
**Request Example:**
```json
{
"hash": "5d41402abc4b2a76b9719d911017c592"
}
```
**Response Example:**
```json
{
"hash": "5d41402abc4b2a76b9719d911017c592",
"plaintext": "hello",
"hash_type": "MD5",
"found": true,
"confidence": 0.99
}
```
## Endpoints
### POST /crack-hash
**Description:**
Attempts to crack or identify a given hash by matching it against known hash databases and common plaintext values.
**Method:** `POST`
**Path:** `/crack-hash`
**Request Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| hash | string | Yes | The hash value to crack. Accepts MD5, SHA-1, SHA-256, and other common hash formats. |
**Response Schema:**
The response returns a JSON object containing:
| Field | Type | Description |
|-------|------|-------------|
| hash | string | The input hash that was queried. |
| plaintext | string | The plaintext value if a match was found; `null` if not found. |
| hash_type | string | The detected or inferred hash algorithm type (e.g., "MD5", "SHA-1", "SHA-256"). |
| found | boolean | `true` if a match was located in the database; `false` otherwise. |
| confidence | number | A confidence score between 0 and 1 indicating the likelihood of an accurate match. |
**Status Codes:**
- `200 OK` — Hash lookup completed successfully.
- `422 Unprocessable Entity` — Validation error (e.g., missing or malformed hash parameter).
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** `https://api.mkkpro.com/security/hash-finder`
- **API Docs:** `https://api.mkkpro.com:8008/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Hash Finding Tool",
"version": "0.1.0"
},
"paths": {
"/crack-hash": {
"post": {
"summary": "Crack Hash",
"operationId": "crack_hash_crack_hash_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HashRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"HashRequest": {
"properties": {
"hash": {
"type": "string",
"title": "Hash"
}
},
"type": "object",
"required": [
"hash"
],
"title": "HashRequest"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Discovers and enumerates all subdomains associated with a target domain using deep reconnaissance techniques.
---
name: Subdomain Enumerator
description: Discovers and enumerates all subdomains associated with a target domain using deep reconnaissance techniques.
---
# Overview
The Subdomain Enumerator is a powerful reconnaissance tool designed for security professionals, penetration testers, and bug bounty hunters who need to identify all active and inactive subdomains within a target domain. This API leverages multiple enumeration techniques to build a comprehensive map of an organization's subdomain infrastructure, which is critical for attack surface mapping and vulnerability assessment.
Subdomain enumeration is often the first step in a security assessment workflow. By discovering hidden or forgotten subdomains, security teams can identify overlooked assets that may contain vulnerabilities, outdated services, or misconfigurations. The Subdomain Enumerator automates this reconnaissance process, saving time and improving coverage compared to manual discovery methods.
This tool is ideal for security researchers conducting authorized penetration tests, red team operators performing scope definition, DevSecOps teams mapping their infrastructure, and organizations performing internal asset discovery for compliance purposes.
## Usage
### Sample Request
```json
{
"domain": "example.com"
}
```
### Sample Response
```json
{
"domain": "example.com",
"subdomains": [
{
"subdomain": "www.example.com",
"ip_address": "93.184.216.34",
"status": "active"
},
{
"subdomain": "mail.example.com",
"ip_address": "93.184.216.35",
"status": "active"
},
{
"subdomain": "staging.example.com",
"ip_address": "192.0.2.1",
"status": "active"
},
{
"subdomain": "old-api.example.com",
"ip_address": null,
"status": "inactive"
}
],
"total_found": 4,
"enumeration_time_ms": 5420
}
```
## Endpoints
### POST /enumerate-deep
Performs deep enumeration of subdomains for a specified domain using multiple reconnaissance techniques.
**Method:** `POST`
**Path:** `/enumerate-deep`
**Request Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| domain | string | Yes | The target domain to enumerate (e.g., `example.com`). Must be a valid domain name. |
**Response Schema:**
The response returns a JSON object containing:
| Field | Type | Description |
|-------|------|-------------|
| domain | string | The target domain that was enumerated |
| subdomains | array | Array of discovered subdomain objects, each containing `subdomain`, `ip_address`, and `status` fields |
| total_found | integer | Total count of subdomains discovered |
| enumeration_time_ms | integer | Time taken to complete enumeration in milliseconds |
**HTTP Status Codes:**
- `200 OK` — Enumeration completed successfully
- `422 Unprocessable Entity` — Validation error in request body (missing or invalid domain parameter)
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** `https://api.mkkpro.com/security/subdomain-enumerator`
- **API Docs:** `https://api.mkkpro.com:8006/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Subdomain Enumerator",
"version": "0.1.0"
},
"paths": {
"/enumerate-deep": {
"post": {
"summary": "Enumerate Deep",
"operationId": "enumerate_deep_enumerate_deep_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/DomainRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"DomainRequest": {
"properties": {
"domain": {
"type": "string",
"title": "Domain"
}
},
"type": "object",
"required": [
"domain"
],
"title": "DomainRequest"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Analyzes URLs using heuristic algorithms to detect and identify phishing threats in real time.
---
name: Heuristic Phishing Detection
description: Analyzes URLs using heuristic algorithms to detect and identify phishing threats in real time.
---
# Overview
Heuristic Phishing Detection is a security-focused API that analyzes suspicious URLs to identify phishing attacks and malicious links. Using advanced heuristic algorithms, the tool examines URL structure, domain characteristics, and behavioral patterns to determine threat likelihood without relying solely on blocklists.
This API is ideal for security teams, email filtering systems, browser extensions, and web applications that need to protect users from phishing campaigns. It provides fast, accurate risk assessment for URLs encountered in emails, messages, search results, and web content, enabling proactive threat prevention before users interact with malicious sites.
Key capabilities include real-time URL analysis, heuristic-based threat detection, and detailed risk scoring. The tool integrates seamlessly into security workflows, SIEM platforms, and automated incident response systems.
# Usage
## Sample Request
```json
{
"url": "https://secure-paypal-verify.com/login"
}
```
## Sample Response
```json
{
"url": "https://secure-paypal-verify.com/login",
"is_phishing": true,
"risk_score": 0.92,
"threat_indicators": [
"homograph_domain",
"suspicious_tld",
"brand_impersonation"
],
"confidence": 0.95,
"analysis_timestamp": "2024-01-15T10:32:45Z"
}
```
# Endpoints
## POST /check-url
Analyzes a provided URL for phishing characteristics and returns a threat assessment.
**Method:** `POST`
**Path:** `/check-url`
**Description:** Submits a URL for heuristic analysis to determine phishing risk. The API examines domain structure, SSL certificate patterns, content indicators, and known phishing signatures.
### Parameters
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `url` | string | Yes | The complete URL to analyze, including protocol (http:// or https://). Maximum 2048 characters. |
### Request Body
```json
{
"url": "string"
}
```
### Response (200 OK)
**Content-Type:** `application/json`
The response contains phishing detection results with risk indicators:
```json
{
"url": "string",
"is_phishing": "boolean",
"risk_score": "number (0-1)",
"threat_indicators": ["array of strings"],
"confidence": "number (0-1)",
"analysis_timestamp": "string (ISO 8601)"
}
```
**Response Fields:**
| Field | Type | Description |
|-------|------|-------------|
| `url` | string | Echo of the submitted URL |
| `is_phishing` | boolean | True if phishing detected, false otherwise |
| `risk_score` | number | Numeric risk assessment from 0.0 (safe) to 1.0 (confirmed phishing) |
| `threat_indicators` | array | List of detected threat patterns (e.g., homograph_domain, suspicious_tld, brand_impersonation) |
| `confidence` | number | Confidence level of the analysis from 0.0 to 1.0 |
| `analysis_timestamp` | string | ISO 8601 timestamp of when analysis was performed |
### Response (422 Validation Error)
**Content-Type:** `application/json`
Returned when request validation fails:
```json
{
"detail": [
{
"loc": ["body", "url"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
```
# Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
# About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
# References
- **Kong Route:** `https://api.mkkpro.com/security/phishing-detection`
- **API Docs:** `https://api.mkkpro.com:8005/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "Heuristic Phishing detection",
"version": "0.1.0"
},
"paths": {
"/check-url": {
"post": {
"summary": "Check Url",
"operationId": "check_url_check_url_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/URLRequest"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"URLRequest": {
"properties": {
"url": {
"type": "string",
"title": "Url"
}
},
"type": "object",
"required": [
"url"
],
"title": "URLRequest"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Generate professional logos from text prompts using artificial intelligence.
---
name: AI Logo Generator
description: Generate professional logos from text prompts using artificial intelligence.
---
# Overview
AI Logo Generator is a powerful API that transforms creative text descriptions into unique, professional logos using advanced AI models. Whether you're a startup founder, designer, or brand manager, this tool eliminates the need for expensive design agencies by delivering high-quality logo designs instantly.
The API accepts natural language prompts describing your desired logo and returns AI-generated logo images tailored to your specifications. With support for diverse design styles, color schemes, and industry verticals, it's ideal for rapid prototyping, brand exploration, and design inspiration.
Perfect for entrepreneurs, marketing teams, design agencies, SaaS platforms, and anyone needing quick, cost-effective logo generation without manual design work.
## Usage
### Sample Request
```json
{
"prompt": "A modern, minimalist tech startup logo featuring a blue geometric cube with white accents, suitable for a cloud computing company"
}
```
### Sample Response
```json
{
"success": true,
"logo_url": "https://cdn.example.com/logos/ai-generated-12345.png",
"prompt": "A modern, minimalist tech startup logo featuring a blue geometric cube with white accents, suitable for a cloud computing company",
"format": "png",
"size": "512x512",
"generation_time_ms": 3420,
"model_version": "v1.2"
}
```
## Endpoints
### POST /generate-logo
Generates a professional logo based on a text description.
**Method:** `POST`
**Path:** `/generate-logo`
**Description:** Accepts a text prompt describing the desired logo and returns an AI-generated logo image.
**Request Parameters:**
| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
| prompt | string | Yes | Natural language description of the desired logo design, including style, colors, industry, and any specific elements or symbols |
**Response Schema:**
| Field | Type | Description |
|-------|------|-------------|
| success | boolean | Indicates whether the logo generation was successful |
| logo_url | string | Direct URL to the generated logo image |
| prompt | string | The original prompt used for generation |
| format | string | Image format of the generated logo (e.g., "png") |
| size | string | Dimensions of the generated logo (e.g., "512x512") |
| generation_time_ms | integer | Time in milliseconds required to generate the logo |
| model_version | string | Version of the AI model used for generation |
**Status Codes:**
- `200 OK` — Logo generated successfully
- `422 Unprocessable Entity` — Validation error (missing or invalid prompt parameter)
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** `https://api.mkkpro.com/creative/ai-logo-generator`
- **API Docs:** `https://api.mkkpro.com:8003/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "AI Logo Generator",
"version": "0.1.0"
},
"paths": {
"/generate-logo": {
"post": {
"summary": "Generate Logo",
"operationId": "generate_logo_generate_logo_post",
"requestBody": {
"content": {
"application/x-www-form-urlencoded": {
"schema": {
"$ref": "#/components/schemas/Body_generate_logo_generate_logo_post"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"Body_generate_logo_generate_logo_post": {
"properties": {
"prompt": {
"type": "string",
"title": "Prompt"
}
},
"type": "object",
"required": [
"prompt"
],
"title": "Body_generate_logo_generate_logo_post"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Generate custom icons using artificial intelligence from text prompts or descriptions.
---
name: AI Icon Generator
description: Generate custom icons using artificial intelligence from text prompts or descriptions.
---
# Overview
The AI Icon Generator is a powerful REST API that leverages artificial intelligence to create custom icons on demand. Instead of manually designing icons or searching through icon libraries, users can describe what they need in plain language and receive generated icon assets within seconds.
This tool is ideal for developers, designers, and product teams who need rapid icon generation for web applications, mobile apps, design systems, or marketing materials. Whether you're prototyping a new interface, building a comprehensive icon set, or automating icon creation in your CI/CD pipeline, the AI Icon Generator eliminates the friction of traditional icon design workflows.
Key capabilities include intelligent interpretation of natural language prompts, consistent style generation, and immediate delivery of ready-to-use icon assets. The API integrates seamlessly into existing development environments and scales from individual developers to enterprise teams.
## Usage
### Sample Request
```json
{
"prompt": "minimalist cloud storage icon with a lock symbol",
"style": "modern",
"size": "256px",
"format": "png"
}
```
### Sample Response
```json
{
"success": true,
"icon_id": "icon_7a4k9m2x",
"prompt": "minimalist cloud storage icon with a lock symbol",
"style": "modern",
"size": "256px",
"format": "png",
"url": "https://api.mkkpro.com/icons/icon_7a4k9m2x.png",
"created_at": "2024-01-15T10:32:45Z",
"expires_at": "2024-04-15T10:32:45Z",
"download_count": 0
}
```
## Endpoints
### POST /generate-icons
**Description:** Generate one or more custom icons based on text prompts using AI.
**Method:** `POST`
**Path:** `/generate-icons`
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `prompt` | string | Yes | Natural language description of the icon to generate (e.g., "gear icon", "shopping cart with arrow") |
| `style` | string | No | Visual style for the generated icon. Common values: `modern`, `flat`, `outlined`, `filled`, `3d`, `minimalist`. Default: `modern` |
| `size` | string | No | Output icon size. Common values: `64px`, `128px`, `256px`, `512px`, `1024px`. Default: `256px` |
| `format` | string | No | Output image format. Accepted values: `png`, `svg`, `webp`. Default: `png` |
| `count` | integer | No | Number of icon variations to generate (1-5). Default: `1` |
| `color_scheme` | string | No | Color preference for the icon. Values: `monochrome`, `vibrant`, `pastel`, `custom`. Default: `monochrome` |
**Response Schema:**
```json
{
"success": boolean,
"icon_id": "string",
"prompt": "string",
"style": "string",
"size": "string",
"format": "string",
"url": "string (icon download URL)",
"urls": ["string (array if count > 1)"],
"created_at": "string (ISO 8601 timestamp)",
"expires_at": "string (ISO 8601 timestamp)",
"download_count": "integer"
}
```
**Status Codes:**
- `200`: Icons generated successfully
- `400`: Invalid parameters (e.g., unsupported format, invalid style)
- `429`: Rate limit exceeded
- `500`: Server error during icon generation
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** https://api.mkkpro.com/creative/ai-icon-generator
- **API Docs:** https://api.mkkpro.com:8002/docs
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "AI Icon Generator",
"version": "0.1.0"
},
"paths": {
"/generate-icons": {
"post": {
"summary": "Generate Icons",
"operationId": "generate_icons_generate_icons_post",
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
}
}
}
}
}
}Converts PDF documents into editable PowerPoint presentations with intelligent content extraction and formatting.
---
name: PDF to PowerPoint
description: Converts PDF documents into editable PowerPoint presentations with intelligent content extraction and formatting.
---
# Overview
PDF to PowerPoint is a document conversion API that transforms static PDF files into dynamic, editable PowerPoint presentations. This tool intelligently extracts text, images, and layout information from PDF documents and reconstructs them in PPTX format, preserving structure and visual hierarchy while enabling further customization.
The service is designed for professionals who need to repurpose PDF content into presentation-ready formats. Whether you're converting reports, whitepapers, or structured documents, this API handles the conversion pipeline end-to-end, reducing manual reformatting time and maintaining content integrity throughout the process.
Ideal users include business analysts, consultants, educators, and content teams who regularly work with mixed document formats and require programmatic conversion capabilities as part of larger automation workflows.
## Usage
**Sample Request:**
```json
{
"file": "<binary PDF file content>"
}
```
Upload a PDF file using multipart/form-data encoding. The file parameter should contain the raw binary data of your PDF document.
**Sample Response:**
```json
{
"status": "success",
"message": "PDF conversion completed",
"output_file": "document_converted.pptx",
"pages_processed": 12,
"conversion_time_ms": 2450,
"file_url": "https://api.mkkpro.com/files/abc123def456/document_converted.pptx"
}
```
The response includes the converted PowerPoint file URL, processing metrics, and status confirmation for download and integration.
## Endpoints
### POST /upload-pdf
Uploads and converts a PDF file to PowerPoint format.
**Method:** `POST`
**Path:** `/upload-pdf`
**Description:** Accepts a PDF document via multipart file upload and initiates the conversion process to generate an editable PowerPoint presentation.
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| file | binary (file) | Yes | The PDF file to be converted. Must be a valid PDF document in binary format. |
**Request Content-Type:** `multipart/form-data`
**Response (200 - Success):**
```
Content-Type: application/json
Status: 200 OK
{
"status": "success",
"message": "string",
"output_file": "string",
"pages_processed": "integer",
"conversion_time_ms": "integer",
"file_url": "string"
}
```
**Response (422 - Validation Error):**
```
Content-Type: application/json
Status: 422 Unprocessable Entity
{
"detail": [
{
"loc": ["string" | integer],
"msg": "string",
"type": "string"
}
]
}
```
Returned when the uploaded file fails validation (missing, invalid format, or corrupt PDF).
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** `https://api.mkkpro.com/creative/pdf-to-pptx`
- **API Docs:** `https://api.mkkpro.com:8001/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "PDF to PowerPoint",
"version": "0.1.0"
},
"paths": {
"/upload-pdf": {
"post": {
"summary": "Upload Pdf",
"operationId": "upload_pdf_upload_pdf_post",
"requestBody": {
"content": {
"multipart/form-data": {
"schema": {
"$ref": "#/components/schemas/Body_upload_pdf_upload_pdf_post"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"Body_upload_pdf_upload_pdf_post": {
"properties": {
"file": {
"type": "string",
"format": "binary",
"title": "File"
}
},
"type": "object",
"required": [
"file"
],
"title": "Body_upload_pdf_upload_pdf_post"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Automatically extract and generate concise summaries from PDF documents using intelligent text analysis.
---
name: PDF Book Summarizer
description: Automatically extract and generate concise summaries from PDF documents using intelligent text analysis.
---
# Overview
The PDF Book Summarizer is a powerful API endpoint designed to intelligently process PDF files and extract meaningful summaries. Built for researchers, students, professionals, and organizations that need to quickly understand document content without reading entire texts, this tool leverages advanced natural language processing to condense books, reports, and technical documents into actionable summaries.
Whether you're managing a knowledge base, conducting research, or streamlining document review workflows, the PDF Book Summarizer reduces time spent on document analysis while maintaining comprehension of key concepts and information. The API accepts PDF files of various sizes and complexities, automatically extracting text and generating coherent, well-structured summaries that highlight the most important points.
Ideal users include legal professionals reviewing contracts, academics processing research papers, business analysts synthesizing reports, content creators extracting key insights, and enterprises implementing document automation workflows. The tool integrates seamlessly into existing systems via multipart file uploads and returns structured summary data.
## Usage
### Sample Request
Upload a PDF file to generate a summary:
```json
POST /summarize-pdf HTTP/1.1
Host: api.mkkpro.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary
------WebKitFormBoundary
Content-Disposition: form-data; name="file"; filename="research-paper.pdf"
Content-Type: application/pdf
[Binary PDF file content]
------WebKitFormBoundary--
```
### Sample Response
```json
{
"summary": "This research paper explores the impact of machine learning on cybersecurity threat detection. The authors present a novel approach to identifying anomalous network behavior using deep learning neural networks. Key findings include a 95% detection accuracy rate, reduced false positives compared to traditional rule-based systems, and practical deployment strategies for enterprise environments. The paper concludes that ML-based security systems significantly improve incident response times and enable proactive threat mitigation. Recommendations include hybrid approaches combining traditional and ML methods, continuous model retraining, and security team training on AI-driven tools.",
"pages_processed": 47,
"processing_time_seconds": 3.24,
"status": "success"
}
```
## Endpoints
### POST /summarize-pdf
Generates a concise summary from an uploaded PDF file.
**Method:** `POST`
**Path:** `/summarize-pdf`
**Description:** Accepts a PDF file via multipart form data, processes the document, extracts text content, and returns an intelligent summary of the document's key points and concepts.
**Parameters:**
| Name | Type | Required | Description |
|------|------|----------|-------------|
| `file` | binary | Yes | PDF file to be summarized. File must be in valid PDF format and accessible by the API. |
**Response (200 - Success):**
```json
{
"summary": "string",
"pages_processed": "integer",
"processing_time_seconds": "number",
"status": "string"
}
```
**Response (422 - Validation Error):**
```json
{
"detail": [
{
"loc": ["string | integer"],
"msg": "string",
"type": "string"
}
]
}
```
**Error Scenarios:**
- Missing or invalid file parameter returns 422 Validation Error
- Corrupted or non-PDF files result in processing failure
- Extremely large files may timeout; recommended maximum size is 50MB
## Pricing
| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
## About
ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in)
- 🐾 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- 🚀 [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
## References
- **Kong Route:** `https://api.mkkpro.com/creative/pdf-summarizer`
- **API Docs:** `https://api.mkkpro.com:8000/docs`
FILE:openapi.json
{
"openapi": "3.1.0",
"info": {
"title": "PDF Book Summarizer",
"version": "0.1.0"
},
"paths": {
"/summarize-pdf": {
"post": {
"summary": "Summarize Pdf",
"operationId": "summarize_pdf_summarize_pdf_post",
"requestBody": {
"content": {
"multipart/form-data": {
"schema": {
"$ref": "#/components/schemas/Body_summarize_pdf_summarize_pdf_post"
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Successful Response",
"content": {
"application/json": {
"schema": {}
}
}
},
"422": {
"description": "Validation Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HTTPValidationError"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"Body_summarize_pdf_summarize_pdf_post": {
"properties": {
"file": {
"type": "string",
"format": "binary",
"title": "File"
}
},
"type": "object",
"required": [
"file"
],
"title": "Body_summarize_pdf_summarize_pdf_post"
},
"HTTPValidationError": {
"properties": {
"detail": {
"items": {
"$ref": "#/components/schemas/ValidationError"
},
"type": "array",
"title": "Detail"
}
},
"type": "object",
"title": "HTTPValidationError"
},
"ValidationError": {
"properties": {
"loc": {
"items": {
"anyOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"type": "array",
"title": "Location"
},
"msg": {
"type": "string",
"title": "Message"
},
"type": {
"type": "string",
"title": "Error Type"
}
},
"type": "object",
"required": [
"loc",
"msg",
"type"
],
"title": "ValidationError"
}
}
}
}Map your security controls and tools to NIST CSF 2.0, receive coverage scores, gap analysis, tier rating, regulatory crosswalk, and a prioritized improvement...
# NIST CSF Mapper
Map your organization's current security controls and tooling to the NIST Cybersecurity Framework (CSF) 2.0. Provide your company profile, existing security tools, and control posture — get back a function-by-function CSF coverage report, gap analysis, maturity tier rating, and a prioritized improvement roadmap across all six CSF functions: Govern, Identify, Protect, Detect, Respond, and Recover.
---
## Usage
```json
{
"tool": "nist_csf_mapper",
"input": {
"company_size": "Medium",
"industry": "Financial Services",
"current_tools": ["Palo Alto Firewall", "CrowdStrike EDR", "Splunk SIEM", "Tenable Nessus", "AWS Backup", "KnowBe4"],
"has_firewall": true,
"has_antivirus": true,
"has_backup_system": true,
"has_monitoring": true,
"has_incident_response": false,
"has_access_controls": true,
"has_data_encryption": true,
"has_vulnerability_scanning": true,
"has_security_training": true,
"has_business_continuity": false,
"regulatory_requirements": ["PCI DSS", "GDPR", "RBI Guidelines"]
}
}
```
---
## Parameters
All fields are **required**.
### Company Profile
| Field | Type | Description |
|-------|------|-------------|
| `company_size` | string | `Small`, `Medium`, `Large`, `Enterprise` |
| `industry` | string | Industry vertical (e.g., `Financial Services`, `Healthcare`, `Manufacturing`, `Technology`, `Retail`, `Energy`) |
| `current_tools` | array of strings | Security tools currently deployed. Examples: `Palo Alto Firewall`, `CrowdStrike EDR`, `Splunk SIEM`, `Tenable Nessus`, `Okta`, `CyberArk`, `AWS Security Hub`, `KnowBe4`, `Veeam Backup` |
| `regulatory_requirements` | array of strings | Applicable regulations/frameworks. Examples: `PCI DSS`, `HIPAA`, `GDPR`, `SOC 2`, `ISO 27001`, `NIST 800-53`, `RBI Guidelines`, `SEBI` |
### Control Posture (boolean flags)
| Field | Type | Description |
|-------|------|-------------|
| `has_firewall` | boolean | Network firewall deployed and actively managed |
| `has_antivirus` | boolean | Antivirus/EDR solution in place across endpoints |
| `has_backup_system` | boolean | Automated data backup system operational |
| `has_monitoring` | boolean | Security monitoring / SIEM solution active |
| `has_incident_response` | boolean | Formal incident response plan documented and tested |
| `has_access_controls` | boolean | Identity and access management controls implemented |
| `has_data_encryption` | boolean | Data encryption at rest and in transit enforced |
| `has_vulnerability_scanning` | boolean | Regular vulnerability scanning conducted |
| `has_security_training` | boolean | Security awareness training program in place |
| `has_business_continuity` | boolean | Business continuity and disaster recovery plan exists |
---
## What You Get
- **CSF function-by-function coverage** — maturity score across Govern, Identify, Protect, Detect, Respond, Recover
- **NIST CSF Tier rating** — overall tier assessment (Tier 1 Partial → Tier 4 Adaptive)
- **Subcategory gap map** — which specific CSF subcategories (e.g., ID.AM-1, PR.AC-3) are covered, partial, or missing
- **Tool-to-CSF mapping** — how your existing tools map to CSF functions and subcategories
- **Regulatory crosswalk** — how CSF gaps align to your stated compliance requirements
- **Prioritized improvement roadmap** — Quick Wins (0–30 days), Short-term (30–90 days), Strategic (90+ days)
- **Executive summary** — board-ready posture summary with tier rating and top risks
---
## Example Output
```json
{
"organization": "Acme Financial",
"csf_version": "NIST CSF 2.0",
"overall_tier": "Tier 2 — Risk Informed",
"overall_score": 68,
"function_scores": {
"govern": { "score": 55, "tier": "Tier 2", "gaps": 3 },
"identify": { "score": 70, "tier": "Tier 2", "gaps": 2 },
"protect": { "score": 80, "tier": "Tier 3", "gaps": 1 },
"detect": { "score": 75, "tier": "Tier 3", "gaps": 1 },
"respond": { "score": 40, "tier": "Tier 1", "gaps": 4 },
"recover": { "score": 35, "tier": "Tier 1", "gaps": 3 }
},
"tool_mapping": [
{ "tool": "Palo Alto Firewall", "csf_functions": ["Protect (PR.AC, PR.PT)"] },
{ "tool": "CrowdStrike EDR", "csf_functions": ["Detect (DE.CM)", "Respond (RS.AN)"] },
{ "tool": "Splunk SIEM", "csf_functions": ["Detect (DE.CM, DE.AE)", "Respond (RS.AN)"] },
{ "tool": "Tenable Nessus", "csf_functions": ["Identify (ID.RA)", "Protect (PR.IP)"] }
],
"critical_gaps": [
"No incident response plan — RS.RP-1, RS.CO-1 not met",
"No business continuity plan — RC.RP-1, RC.CO-3 not met",
"Govern function weak — GV.OC, GV.RM subcategories not addressed",
"No formal asset inventory process — ID.AM-1, ID.AM-2 partial"
],
"regulatory_crosswalk": {
"PCI_DSS": ["Requirement 12.10 (IR plan)", "Requirement 12.3 (risk assessment)"],
"GDPR": ["Article 32 (security measures)", "Article 33 (breach notification)"]
},
"quick_wins": [
"Document and approve Incident Response Plan (14 days)",
"Create asset inventory register using existing SIEM data (7 days)",
"Define cybersecurity roles and responsibilities in a RACI matrix (10 days)"
]
}
```
---
## API Reference
**Base URL:** `https://portal.toolweb.in/apis/compliance/nist-csf-mapper`
| Endpoint | Method | Description |
|----------|--------|-------------|
| `/nist-mapping` | POST | Map security controls to NIST CSF 2.0 and generate gap report |
**Authentication:** Pass your API key as `X-API-Key` header or `mcp_api_key` argument via MCP.
---
## Pricing
| Plan | Daily Limit | Monthly Limit | Price |
|------|-------------|---------------|-------|
| Free | 5 / day | 50 / month | $0 |
| Developer | 20 / day | 500 / month | $39 |
| Professional | 200 / day | 5,000 / month | $99 |
| Enterprise | 100,000 / day | 1,000,000 / month | $299 |
---
## About
**ToolWeb.in** — 200+ security APIs, CISSP & CISM certified, built for enterprise compliance practitioners.
Platforms: Pay-per-run · API Gateway · MCP Server · OpenClaw · RapidAPI · YouTube
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in) (MCP Server)
- 🦞 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- ⚡ [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
Check if an email has appeared in known data breaches and get detailed breach history, severity, compromised data, and remediation recommendations.
# Breached Email Check
Check whether an email address has appeared in known data breaches. Submit any email address and get back a breach history report — including which breaches exposed the address, what data types were compromised, breach dates, and remediation recommendations. Essential for user onboarding security checks, employee credential monitoring, and threat exposure assessments.
---
## Usage
```json
{
"tool": "breached_email_check",
"input": {
"email": "[email protected]"
}
}
```
---
## Parameters
| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `email` | string | ✅ | The email address to check against known data breach databases |
---
## What You Get
- **Breach status** — whether the email has been found in any known breaches
- **Breach list** — names of breaches the email appeared in, with dates
- **Compromised data types** — what was exposed per breach (passwords, phone numbers, physical addresses, credit cards, etc.)
- **Breach severity rating** — overall risk level based on sensitivity of exposed data
- **Paste exposure** — whether the email has appeared in public paste sites (Pastebin, etc.)
- **Remediation guidance** — specific actions to take based on breach findings (password reset, MFA, account monitoring)
---
## Example Output
```json
{
"email": "[email protected]",
"breached": true,
"breach_count": 3,
"severity": "High",
"breaches": [
{
"name": "LinkedIn (2012)",
"date": "2012-06-05",
"compromised_data": ["Email Addresses", "Passwords"],
"description": "Password hashes exposed in large-scale breach; later cracked and published",
"verified": true
},
{
"name": "Adobe (2013)",
"date": "2013-10-04",
"compromised_data": ["Email Addresses", "Password Hints", "Passwords", "Usernames"],
"description": "Source code and encrypted credentials exposed for 153 million accounts",
"verified": true
},
{
"name": "DataBreach.com (2020)",
"date": "2020-03-21",
"compromised_data": ["Email Addresses", "Phone Numbers", "Physical Addresses"],
"description": "Aggregated breach data compilation including PII from multiple sources",
"verified": false
}
],
"paste_exposure": true,
"paste_count": 1,
"remediation": [
"Change passwords on all accounts using this email address immediately",
"Enable multi-factor authentication (MFA) on all associated accounts",
"Check for unauthorized account activity on LinkedIn and Adobe",
"Consider using a unique email alias for sensitive accounts going forward",
"Monitor credit report if physical address was exposed"
]
}
```
### When email is clean
```json
{
"email": "[email protected]",
"breached": false,
"breach_count": 0,
"severity": "None",
"breaches": [],
"paste_exposure": false,
"paste_count": 0,
"remediation": [
"No known breaches found — continue using strong, unique passwords",
"Enable MFA as a proactive measure"
]
}
```
---
## Use Cases
- **User onboarding** — check if a new user's email is in known breaches at signup
- **Employee security audits** — identify staff with exposed credentials before they become an attack vector
- **Threat exposure assessment** — assess corporate email domain exposure across your workforce
- **Password reset triggers** — automatically prompt users with breached emails to reset credentials
- **Security awareness** — show users their personal breach history to drive MFA adoption
---
## API Reference
**Base URL:** `https://portal.toolweb.in/apis/security/breached-email-check`
| Endpoint | Method | Description |
|----------|--------|-------------|
| `/check-breach` | POST | Check an email address against known data breach databases |
**Authentication:** Pass your API key as `X-API-Key` header or `mcp_api_key` argument via MCP.
---
## Pricing
| Plan | Daily Limit | Monthly Limit | Price |
|------|-------------|---------------|-------|
| Free | 5 / day | 50 / month | $0 |
| Developer | 20 / day | 500 / month | $39 |
| Professional | 200 / day | 5,000 / month | $99 |
| Enterprise | 100,000 / day | 1,000,000 / month | $299 |
---
## About
**ToolWeb.in** — 200+ security APIs, CISSP & CISM certified, built for enterprise security practitioners.
Platforms: Pay-per-run · API Gateway · MCP Server · OpenClaw · RapidAPI · YouTube
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in) (MCP Server)
- 🦞 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- ⚡ [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
Map attacker behavior text or security report files to MITRE ATT&CK techniques, tactics, detection guidance, mitigation, and threat actor associations.
# MITRE ATT&CK Technique Mapper
Map threat descriptions, incident reports, or security observations to MITRE ATT&CK techniques and tactics. Submit free-text describing attacker behavior or upload a security report file — get back matched ATT&CK technique IDs, tactic categories, kill chain position, detection guidance, and mitigation recommendations.
---
## Usage
This endpoint uses `multipart/form-data` — not JSON. Submit either a text description (`input`) or a file upload (`file`), or both together.
### Option 1 — Text Input
```bash
curl -X POST https://portal.toolweb.in/apis/security/mitre-attack-mapper/map-technique \
-H "X-API-Key: YOUR_API_KEY" \
-F "input=Attacker used spearphishing email with malicious Office macro to gain initial access, then ran PowerShell to enumerate local users and dump credentials from LSASS memory"
```
### Option 2 — File Upload
```bash
curl -X POST https://portal.toolweb.in/apis/security/mitre-attack-mapper/map-technique \
-H "X-API-Key: YOUR_API_KEY" \
-F "file=@incident_report.pdf"
```
### Option 3 — Text + File Combined
```bash
curl -X POST https://portal.toolweb.in/apis/security/mitre-attack-mapper/map-technique \
-H "X-API-Key: YOUR_API_KEY" \
-F "input=Focus on lateral movement and credential access techniques" \
-F "file=@threat_intel_report.txt"
```
---
## Parameters
Request content type: `multipart/form-data`
| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `input` | string | ❌ | Free-text description of attacker behavior, threat intelligence, or incident details. Default: empty string |
| `file` | binary file | ❌ | Upload a security report, threat intel document, SIEM alert export, or incident log (PDF, TXT, DOCX, CSV) |
> At least one of `input` or `file` should be provided for a meaningful result.
### What to put in `input`
Describe attacker behavior in plain language or paste raw threat intelligence. Examples:
- Incident narrative: *"Attacker gained access via phishing, established persistence using a scheduled task, and exfiltrated data to an external FTP server"*
- SIEM alert text: *"Suspicious PowerShell execution with encoded command, parent process: winword.exe"*
- Threat actor TTP summary: *"APT group used living-off-the-land binaries, disabled Windows Defender via registry modification, and moved laterally using PsExec"*
- CVE description: *"Exploit of public-facing application via SQL injection to achieve remote code execution"*
### What to upload as `file`
- Incident response reports (PDF, DOCX)
- Threat intelligence bulletins (PDF, TXT)
- SIEM/EDR alert exports (CSV, TXT)
- Penetration test findings (PDF, DOCX)
- Malware analysis reports (TXT, PDF)
---
## What You Get
- **Matched ATT&CK techniques** — technique IDs (e.g., T1566.001), names, and confidence scores
- **Tactic mapping** — which kill chain phase each technique belongs to (Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Command & Control, Impact)
- **ATT&CK Navigator layer** — exportable technique coverage for visualization
- **Detection guidance** — log sources, SIEM queries, and indicators to look for per technique
- **Mitigation recommendations** — ATT&CK M-series mitigations mapped to each identified technique
- **Threat actor association** — known APT groups or threat actors that use the identified technique combination
---
## Example Output
```json
{
"techniques_identified": 4,
"confidence": "High",
"mapped_techniques": [
{
"technique_id": "T1566.001",
"technique_name": "Phishing: Spearphishing Attachment",
"tactic": "Initial Access",
"confidence": 0.95,
"detection": "Monitor email gateway logs for Office documents with macros; alert on winword.exe spawning child processes",
"mitigations": ["M1049 - Antivirus/Antimalware", "M1031 - Network Intrusion Prevention", "M1017 - User Training"]
},
{
"technique_id": "T1059.001",
"technique_name": "Command and Scripting Interpreter: PowerShell",
"tactic": "Execution",
"confidence": 0.92,
"detection": "Enable PowerShell ScriptBlock logging (Event ID 4104); alert on encoded commands (-EncodedCommand)",
"mitigations": ["M1049 - Antivirus/Antimalware", "M1038 - Execution Prevention", "M1026 - Privileged Account Management"]
},
{
"technique_id": "T1087.001",
"technique_name": "Account Discovery: Local Account",
"tactic": "Discovery",
"confidence": 0.88,
"detection": "Monitor for net user, whoami /all, Get-LocalUser execution",
"mitigations": ["M1028 - Operating System Configuration"]
},
{
"technique_id": "T1003.001",
"technique_name": "OS Credential Dumping: LSASS Memory",
"tactic": "Credential Access",
"confidence": 0.97,
"detection": "Monitor for lsass.exe memory access (Sysmon Event ID 10); alert on procdump, mimikatz, Task Manager targeting lsass",
"mitigations": ["M1043 - Credential Access Protection", "M1028 - Operating System Configuration", "M1026 - Privileged Account Management"]
}
],
"threat_actor_associations": ["APT29", "FIN7", "Lazarus Group"],
"kill_chain_coverage": ["Initial Access", "Execution", "Discovery", "Credential Access"]
}
```
---
## API Reference
**Base URL:** `https://portal.toolweb.in/apis/security/mitre-attack-mapper`
| Endpoint | Method | Content-Type | Description |
|----------|--------|--------------|-------------|
| `/map-technique` | POST | `multipart/form-data` | Map text or file to MITRE ATT&CK techniques |
**Authentication:** Pass your API key as `X-API-Key` header or `mcp_api_key` argument via MCP.
---
## Pricing
| Plan | Daily Limit | Monthly Limit | Price |
|------|-------------|---------------|-------|
| Free | 5 / day | 50 / month | $0 |
| Developer | 20 / day | 500 / month | $39 |
| Professional | 200 / day | 5,000 / month | $99 |
| Enterprise | 100,000 / day | 1,000,000 / month | $299 |
---
## About
**ToolWeb.in** — 200+ security APIs, CISSP & CISM certified, built for enterprise security practitioners.
Platforms: Pay-per-run · API Gateway · MCP Server · OpenClaw · RapidAPI · YouTube
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in) (MCP Server)
- 🦞 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- ⚡ [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)
Generate a detailed Privacy Impact Assessment and DPO report by describing your company, data types, processing purposes, systems, and sharing partners for G...
# Privacy Compliance Assistant
Generate a Privacy Impact Assessment (PIA) and Data Protection Officer (DPO) advisory report for your organization. Describe your company type, the personal data you process, your processing purpose, systems in use, and data sharing relationships — get back a comprehensive privacy compliance report aligned to GDPR, CCPA, and global privacy regulations.
---
## Usage
```json
{
"tool": "privacy_compliance_assistant",
"input": {
"company_type": "SaaS Platform",
"data_types": ["Name", "Email Address", "IP Address", "Payment Information", "Usage Analytics"],
"processing_purpose": "Providing subscription-based project management software to business customers and processing payments",
"systems_used": ["AWS RDS", "Stripe", "HubSpot CRM", "Google Analytics", "Intercom"],
"data_shared_with": ["Stripe (payment processing)", "HubSpot (CRM/marketing)", "AWS (infrastructure)", "Intercom (customer support)"]
}
}
```
---
## Parameters
All fields are **required**.
| Field | Type | Description |
|-------|------|-------------|
| `company_type` | string | Type of organization. Examples: `SaaS Platform`, `E-commerce`, `Healthcare Provider`, `Financial Services`, `HR Tech`, `EdTech`, `Marketplace`, `Enterprise Software` |
| `data_types` | array | Types of personal data collected/processed. Examples: `Name`, `Email Address`, `Phone Number`, `IP Address`, `Payment Information`, `Health Records`, `Biometric Data`, `Location Data`, `Cookies`, `Usage Analytics`, `Government ID` |
| `processing_purpose` | string | Clear description of why personal data is collected and how it is used |
| `systems_used` | array | Technology systems, platforms, and tools used to store or process personal data. Examples: `AWS RDS`, `Salesforce`, `Stripe`, `Google Analytics`, `Okta`, `Snowflake`, `Mailchimp` |
| `data_shared_with` | array | Third parties with whom personal data is shared, including purpose. Examples: `Stripe (payment processing)`, `Google Analytics (web analytics)`, `AWS (infrastructure hosting)` |
---
## What You Get
- **Privacy Impact Assessment (PIA)** — structured assessment of privacy risks across the data lifecycle
- **Data Processing Register entry** — Article 30 GDPR-compliant record of processing activities (ROPA)
- **Legal basis analysis** — recommended lawful basis for each processing activity (consent, legitimate interest, contract, legal obligation)
- **Data subject rights checklist** — how to fulfill access, erasure, portability, and objection requests
- **Third-party risk summary** — privacy risk assessment for each data sharing relationship
- **Retention and deletion guidance** — recommended data retention periods per data type
- **Cross-border transfer analysis** — flags if data transfers outside EEA/adequate countries require SCCs or BCRs
- **Remediation recommendations** — prioritized actions to close privacy compliance gaps
---
## Example Output
```json
{
"company_type": "SaaS Platform",
"pia_risk_rating": "Medium",
"gdpr_applicable": true,
"ccpa_applicable": true,
"processing_activities": [
{
"purpose": "Payment processing",
"data_types": ["Name", "Payment Information"],
"legal_basis": "Contract (Article 6(1)(b))",
"retention_period": "7 years (financial regulation)",
"cross_border_transfer": false
},
{
"purpose": "Usage analytics",
"data_types": ["IP Address", "Usage Analytics"],
"legal_basis": "Legitimate Interest (Article 6(1)(f))",
"retention_period": "26 months",
"cross_border_transfer": true,
"transfer_mechanism": "Standard Contractual Clauses (SCCs)"
}
],
"third_party_risks": [
{
"vendor": "Google Analytics",
"risk": "High — US-based transfer, requires SCCs and consent banner",
"action": "Implement cookie consent and execute DPA with Google"
}
],
"data_subject_rights": {
"access": "Implement self-service data export in account settings",
"erasure": "Build account deletion workflow with cascade delete",
"portability": "Provide JSON/CSV export of user data",
"objection": "Allow opt-out of analytics tracking"
},
"top_gaps": [
"No Data Processing Agreement (DPA) executed with Google Analytics",
"No cookie consent mechanism for analytics tracking",
"Privacy policy does not document all third-party data sharing",
"No formal data retention and deletion schedule"
],
"immediate_actions": [
"Execute DPAs with all data processors (Stripe, HubSpot, Intercom, AWS)",
"Deploy cookie consent banner covering analytics and marketing cookies",
"Update privacy policy to include complete ROPA disclosures"
]
}
```
---
## API Reference
**Base URL:** `https://portal.toolweb.in/apis/compliance/privacy-assistant`
| Endpoint | Method | Description |
|----------|--------|-------------|
| `/generate-dpo` | POST | Generate Privacy Impact Assessment and DPO advisory report |
**Authentication:** Pass your API key as `X-API-Key` header or `mcp_api_key` argument via MCP.
---
## Pricing
| Plan | Daily Limit | Monthly Limit | Price |
|------|-------------|---------------|-------|
| Free | 5 / day | 50 / month | $0 |
| Developer | 20 / day | 500 / month | $39 |
| Professional | 200 / day | 5,000 / month | $99 |
| Enterprise | 100,000 / day | 1,000,000 / month | $299 |
---
## About
**ToolWeb.in** — 200+ security APIs, CISSP & CISM certified, built for enterprise compliance practitioners.
Platforms: Pay-per-run · API Gateway · MCP Server · OpenClaw · RapidAPI · YouTube
- 🌐 [toolweb.in](https://toolweb.in)
- 🔌 [portal.toolweb.in](https://portal.toolweb.in)
- 🤖 [hub.toolweb.in](https://hub.toolweb.in) (MCP Server)
- 🦞 [toolweb.in/openclaw/](https://toolweb.in/openclaw/)
- ⚡ [rapidapi.com/user/mkrishna477](https://rapidapi.com/user/mkrishna477)
- 📺 [youtube.com/@toolweb-009](https://youtube.com/@toolweb-009)