Skip to content

Latest commit

 

History

History
103 lines (75 loc) · 3.36 KB

README.md

File metadata and controls

103 lines (75 loc) · 3.36 KB

ANY.RUN logo

ANY.RUN SDK

This is the official Python client library for ANY.RUN, supporting the cybersecurity solutions like the Interactive Sandbox, TI Lookup, and TI Feeds.
With this library you can interact with the ANY.RUN REST API and automate your workflow quickly and efficiently.

Available features

  • Built-in objects iterator and exception handling
  • Synchronous and asynchronous interface
  • Python 3.9-3.13 support

Sandbox API

ANY.RUN Sandbox is an online interactive sandbox for malware analysis, a tool for detection, monitoring, and research of cyber threats in real time.

  • Submit files and URLs for analysis
  • Monitor analysis progress in real-time
  • Get detailed reports
  • Manage the tasks

TI Lookup API and YARA Search

TI Lookup is a searchable database of IOCs, IOAs, IOBs, and events for threat hunting and a service for browsing malicious files by their content. Perform deep searches, look up threats online, and enrich your security solutions.

  • Look up URLs and file hashes
  • Search for IOCs using YARA rules
  • Get threat intelligence data
  • Monitor search progress in real time
  • Get detailed analysis results

TI Feeds API

Threat Intelligence Feeds provide data on the known indicators of compromise: malicious IPs, URLs, domains, files, and ports. Supports the following feed formats:

  • MISP
  • STIX
  • Network IOCs

The library public interface overview

import os

from anyrun.connectors import SandboxConnector


def main():
    with SandboxConnector.android(api_key) as connector:
        # Initialize the url analysis
        task_id = connector.run_url_analysis('https://any.run')
        print(f'Analysis successfully initialized. Task uuid: {task_id}')
        
        # View analysis status in real time
        for status in connector.get_task_status(task_id):
            print(status)
        
        # Get report results
        report = connector.get_analysis_report(task_id)
        print(report if report else 'No threats were found during the analysis')
        
        # Remove the task from history
        connector.delete_task(task_id)


if __name__ == '__main__':
    # Setup ANY.RUN api key
    api_key = os.getenv('ANY_RUN_Sandbox_API_KEY')
    main()

You can find additional usage examples here

Installation Guide

You can install the SDK using pip or any other package manager

$ pip install anyrun-sdk

Also, you can install the SDK manually using pyproject.toml

$ git clone git@github.com:anyrun/anyrun-sdk.git
$ cd anyrun-sdk
$ python -m pip install .

Contributing

We welcome contributions! Please see our Contributing Guide for details.

Useful links

TI Lookup query Guide
ANY.RUN API documentation

Contact us

Support, sales, and trial inquiries – support@any.run
Public relations and partnerships – pr@any.run