M
API Matrix

CAPEsandbox API

Anti-malware / API Key Intermediate HTTPS
Varies by plan (check documentation)
77 Score
Grade B
Visit Official Site Compare Alternatives

Overview

CAPEsandbox is an open-source malware analysis platform that executes suspicious files in an isolated environment and reports on their behavior. It detects techniques like code injection, ransomware activity, and network communications. Security researchers use it to understand what malware does without risking their own systems.

💡

Beginner Tip

CAPE is typically self-hosted or accessed via a public instance — start with the public instance at capesandbox.com before setting up your own. You need an API key from the instance administrator.

Available Data

Use case: Integrate malware execution and analysis data into web and mobile applications
CAPEsandbox data via REST API
JSON-formatted response data
Requires API key authentication

Example Response

JSON Response 
{
  "url": "https://example.com",
  "safe": true,
  "threat_level": "none",
  "categories": [
    "clean"
  ],
  "scan_date": "2025-01-15T10:00:00Z"
}

Field Reference

task_id Unique ID assigned to the submitted analysis task; use this to poll for results
status Current analysis state: pending, running, reported, or failed
added ISO 8601 timestamp when the task was queued
category Classification of the submission, such as file or url
target The filename or URL that was analyzed

Implementation Example 

const url = "https://capev2.readthedocs.io/en/latest/usage/";
// Replace headers or query params with the values required by this API.
const response = await fetch(url, {
  headers: {
  "X-API-Key": "YOUR_API_KEY"
  }
});
if (!response.ok) throw new Error(`Request failed: ${response.status}`);
const data = await response.json();
console.log(data);

What Can You Build?

Note: These code examples are AI-generated and unverified. Always refer to the official API documentation for accurate usage.

Common Errors & Troubleshooting

403 Forbidden Your API key does not have permission to access this endpoint on the instance
Contact the instance administrator to verify your key has the required permissions
400 Bad Request The submitted file type is not supported or the request body is malformed
Ensure you are sending a valid multipart/form-data POST with a supported file type
Task not found Polling a task ID that does not exist or has expired
Save the task ID returned at submission time and poll /tasks/status/{id} with that exact ID

Matrix Score Breakdown

🌐 Reachability 30/30
⚡ Speed 10/20
🔒 Security 15/15
🛠 Developer XP 12/20
✓ Reliability 10/15

Partially tested on Apr 5, 2026

Technical Specifications

Auth API Key
HTTPS REQUIRED
CORS UNKNOWN
Category Anti-malware
Difficulty Intermediate
Verified: 2026-04-04

Similar APIs

View All →

AbuseIPDB

77

AbuseIPDB lets you check whether an IP address has been reported for malicious activity like spam, hacking, or DDoS attacks.

API Key Intermediate HTTPS

AlienVault Open Threat Exchange (OTX)

0

AlienVault Open Threat Exchange (OTX) provides programmatic access to ip/domain/url reputation via REST API.

API Key Intermediate HTTPS

Google Safe Browsing

77

Google Safe Browsing lets you check any URL against Google's constantly updated lists of phishing sites, malware distributors, and unwanted software.

API Key Intermediate HTTPS

MalDatabase

0

MalDatabase provides programmatic access to provide malware datasets and threat intelligence feeds via REST API.

API Key Intermediate HTTPS

MalShare

69

MalShare is a free community-driven repository of malware samples that security researchers upload and share for analysis.

API Key Intermediate HTTPS