API
Network Packet Threat Analyzer API
It’s a lightweight yet powerful tool that brings enterprise-grade network forensics and traffic intelligence into your apps, dashboards, and automated defense workflows.
The API caters to a wide range of programming languages, including but not limited to: C, Clojure, C#, Go, Java, JavaScript, Kotlin, Node.js, Objective-C, OCaml, PHP, PowerShell, Python, R, RapidQL, Ruby, Shell, and Swift.
Introduction
API Overview
The API exposes a single /analyze endpoint with both GET and POST support:
GET → Testing only (analyzes the built-in test_capture.pcap).
POST → Production-ready analysis (via multipart form upload, raw bytes, or JSON Base64).
Output includes threat scores, detection summaries, protocol usage metrics, and anomalies, making it ideal for:
SOC automation pipelines
Enterprise monitoring systems
Custom dashboards for SecOps
Forensic & malware analysis labs
Key Features:
Threat Detection → Identifies malicious/suspicious traffic and anomalies.
C2 Beaconing Detection → Flags potential command-and-control traffic.
Protocol Analysis → Reports total packets, protocols observed (TCP, UDP, etc.).
Threat Scoring → Risk score from 0–100 for quick triage.
Flexible Input Support → Multipart PCAP upload, raw bytes, or JSON Base64.
Test Mode → Built-in GET endpoint for demo/analyst testing with local PCAP.
Additional Highlights:
Lightweight & Fast → Rapid API response times for live or automated use.
Seamless SOC Integration → Perfect fit for SIEMs, SOAR tools, or custom alerting.
Structured JSON Output → Clean, machine-readable results for dashboards and scripts.
Error Handling → Clear messages for invalid PCAPs, malformed inputs, or unsupported formats.
Enterprise-Ready → Detects protocol irregularities and hidden traffic patterns.
Endpoints
- /input
Endpoints Overview
Analyze Network Packets
Analyze network packet captures (PCAP files) to detect malicious traffic, suspicious patterns, malware callbacks, and intrusion attempts. Ideal for SOC teams, researchers, and automated threat detection pipelines.
Endpoint:
GET & POST: /input
Parameters:
Name | Type | Required | Description |
---|---|---|---|
pcap_b64 | string | ✅ Yes | Base64-encoded contents of the PCAP file. Encodes the entire .pcap binary for safe transport over HTTP. |
Python Requests Example:
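```python
import requests

url = "https://network-packet-threat-analyzer-api.p.rapidapi.com/analyze"

# Base64-encoded contents of the .pcap file go in the pcap_b64 field.
payload = {
    "pcap_b64": "<base64_string>"
}

# RapidAPI authenticates each request with the host and key headers.
headers = {
    "x-rapidapi-host": "network-packet-threat-analyzer-api.p.rapidapi.com",
    "x-rapidapi-key": "YOUR_RAPIDAPI_KEY",
    "Content-Type": "application/json"
}

# A timeout keeps the call from blocking indefinitely if the service stalls.
response = requests.post(url, json=payload, headers=headers, timeout=30)
print(response.json())
```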
Response Example:
```json
{
  "detections": [],
  "metrics": {
    "analysis_time_seconds": 0.003,
    "average_payload_entropy": 0,
    "duration_seconds": 0.0004951953887939453,
    "file_size_bytes": 374,
    "packets": 5,
    "top_ports": [
      [80, 5],
      [1024, 1],
      [1025, 1],
      [1026, 1],
      [1027, 1],
      [1028, 1]
    ],
    "top_protocols": [
      { "count": 5, "proto": "ethernet" }
    ],
    "unique_dst_ips": 1,
    "unique_src_ips": 1
  },
  "status": "ok",
  "summary": {
    "duration_seconds": 0.0004951953887939453,
    "packets_analyzed": 5,
    "threat_level": "low",
    "unique_dst_count": 1,
    "unique_src_count": 1
  },
  "threat_score": 0
}
```
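An added example (not part of the API's own documentation or code) of client-side handling around the request and response shown above: it validates a capture before wrapping it in `pcap_b64`, then maps a response to a pipeline action and fails closed on malformed replies. The size limit, the triage thresholds, the pcapng rejection and the function names are assumptions; the sample capture is constructed.

```python
import base64
import struct

# Classic libpcap magic numbers (microsecond and nanosecond timestamps).
PCAP_MAGICS = {0xA1B2C3D4, 0xA1B23C4D}
PCAPNG_MAGIC = 0x0A0D0D0A           # pcapng section header block type
MAX_UPLOAD_BYTES = 5 * 1024 * 1024  # assumption: the page states no limit

# Constructed sample: a 24-byte pcap global header with no packets.
SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
# Trimmed copy of the response example shown on the page.
SAMPLE_RESPONSE = {"detections": [], "status": "ok",
                   "summary": {"threat_level": "low"}, "threat_score": 0}


def build_payload(pcap: bytes, max_bytes: int = MAX_UPLOAD_BYTES) -> dict:
    """Validate a capture locally, then wrap it in the pcap_b64 field."""
    if len(pcap) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    if len(pcap) > max_bytes:
        raise ValueError("capture exceeds the configured upload limit")
    (magic_le,) = struct.unpack("<I", pcap[:4])
    (magic_be,) = struct.unpack(">I", pcap[:4])
    if magic_le == PCAPNG_MAGIC:
        # Assumption: only classic pcap is accepted, so reject pcapng early.
        raise ValueError("pcapng capture; convert to classic pcap first")
    if magic_le not in PCAP_MAGICS and magic_be not in PCAP_MAGICS:
        raise ValueError("not a pcap file (bad magic number)")
    return {"pcap_b64": base64.b64encode(pcap).decode("ascii")}


def triage(resp: dict, alert_at: int = 70, review_at: int = 30) -> str:
    """Map a response to a pipeline action; malformed replies fail closed."""
    score = resp.get("threat_score")
    in_range = type(score) in (int, float) and 0 <= score <= 100
    if resp.get("status") != "ok" or not in_range:
        return "error"  # never treat an unparseable reply as clean
    if score >= alert_at:
        return "alert"
    if score >= review_at or resp.get("detections"):
        return "review"
    return "pass"


if __name__ == "__main__":
    print(build_payload(SAMPLE_PCAP))
    print(triage(SAMPLE_RESPONSE))
```

The dictionary returned by `build_payload` is what goes in the `json=` argument of the request above.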
Subscribe to Network Packet Threat Analyzer API
Subscribe on RapidAPI
Head over to our API listing on RapidAPI and click the “Subscribe” button. Choose a plan that fits your needs — from free testing to full-scale production.
Get Your API Key
Once subscribed, grab your unique X-RapidAPI-Key from the "Endpoints" tab. You’ll use this key to authenticate all your requests securely.
Start Making Requests
Use the provided code snippets or integrate directly into your app. Send requests to any available endpoint and enjoy seamless access to our powerful API features.

Frequently Asked Questions
What does the Network Packet Threat Analyzer API do?
It analyzes PCAP files or raw packet data to detect malicious traffic, protocol anomalies, and C2 beaconing patterns. It also provides a threat score to help security teams triage risks quickly.
Can I use this API for production SOC monitoring?
Yes. The POST /analyze endpoint is designed for production use, allowing multipart PCAP uploads, raw bytes, or JSON Base64 traffic data.
What’s the purpose of the GET method?
The GET /analyze method is for testing only. It runs analysis on the built-in test_capture.pcap, making it useful for analysts and developers exploring the API.
How does the threat scoring work?
The API returns a threat score (0–100), with higher scores indicating more suspicious or malicious activity. This helps automate decision-making in SOC pipelines.
What file formats are supported for input?
The API accepts standard PCAP files via multipart upload, raw binary uploads, or Base64-encoded JSON. Ensure files are within RapidAPI size limits.