// API Intelligence Fabric
Online security APIs connected with safe caching and allow-listed hosts.
NeoShieldSecurity calls only defensive, read-only sources by default. Paid services can be added later by placing keys in ../neoshield-secrets.php.
NVD CVE 2.0
Used by CVE lookup for vulnerability details and CVSS.
services.nvd.nist.gov
CISA KEV
Used for actively exploited vulnerability decisions and required action.
www.cisa.gov
MITRE ATT&CK
Prepared for ATT&CK mapping and future STIX enrichment.
raw.githubusercontent.com
API-enabled tools
AI Config Hardening Auditor
CIS-aligned hardening review of sshd, nginx/Apache, Dockerfile, compose, .env, Kubernetes, IAM, or CSP. Powered by Claude with an offline fallback. Config never stored.
API: claude + local
Local Port Scanner (safe)
Non-invasive TCP connect check of this server's own common ports.
API: local-only
IP Reputation Checker
Classify an IP and query public DNSBL blocklists.
API: dnsbl
HTTP Security Header Checker
Grade a public site's HTTP security headers (SSRF-guarded).
API: http-head
NVD CVE Lookup + Mitigation
Lookup CVE details from the public NVD CVE 2.0 API and produce defensive remediation guidance.
API: NVD 2.0
CISA KEV Exploitation Checker
Check whether a CVE appears in CISA Known Exploited Vulnerabilities and show required action.
API: CISA KEV JSON
Domain DNS Security Auditor
Review SPF, DMARC, MX, NS, and TXT records for basic domain security posture.
API: DNS
MITRE ATT&CK Technique Mapper
Map defensive observations to common MITRE ATT&CK tactics and mitigation ideas.
API: local + optional MITRE feed
Live feed check
Status: live