Google Safe Browsing API

 

Google Safe Browsing API

Build a Post

The Google Safe Browsing API is a service that enables applications to check URLs against the Google’s lists of suspected phishing and postulated malware pages.

cloudshell
Enabling the API

First you need an APIKey and an Enabler to this API otherwise:

GPost: Failed at getting response:403{
“error”: {
“code”: 403,
“message”: “Safe Browsing API has not been used in project 338972382324 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/safebrowsing.googleapis.com/overview?project=338972382324 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.”,
“status”: “PERMISSION_DENIED”,
“details”: [
{
“@type”: “type.googleapis.com/google.rpc.Help”,
“links”: [
{
“description”: “Google developers console API activation”,
“url”: “https://console.developers.google.com/apis/api/safebrowsing.googleapis.com/overview?project=338972382324”
}
]
},
{
“@type”: “type.googleapis.com/google.rpc.ErrorInfo”,
“reason”: “SERVICE_DISABLED”,
“domain”: “googleapis.com”,
“metadata”: {
“consumer”: “projects/338972382324”,
“service”: “safebrowsing.googleapis.com”
}
}
]
}
}

Public API enabled
enabled and runtime

The response body includes the match information (the list names and the URLs found on those lists, the metadata, if available, and the cache durations). For more details, see the threatMatches.find response body and the explanations that follow the code example.

Note: If there are no matches (that is, if none of the URLs specified in the request are found on any of the lists specified in a request), the HTTP POST response simply returns an empty object in the response body.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
procedure setTestData;
begin
JTESTDATA:=
  '{                                 '+LF+
  '"client": {                       '+LF+
  '  "clientId": "TestClient4",      '+LF+
  '  "clientVersion": "1.1"          '+LF+
  '},                                '+LF+
  '"threatInfo": {                   '+LF+
  '  "threatTypes":      ["MALWARE", "SOCIAL_ENGINEERING"],'+LF+
  '  "platformTypes":    ["LINUX"],                        '+LF+
  '  "threatEntryTypes": ["URL"],                          '+LF+
  '  "threatEntries": [                                    '+LF+
  '    {"url": "%s"}                        '+LF+
  '  ]                                                     '+LF+
  ' }                                                      '+LF+
  '}';
end;
 
 
function getPostGoogleAPI(feedstream, aApikey, tolang: string): string;
var
  Url,aAPI_KEY, source: string;
  jo, locate: TJSONObject;
  httpReq,hr: Olevariant;
  strm: TStringStream;
begin
  //setTestData before;
  httpReq:= CreateOleObject('WinHttp.WinHttpRequest.5.1');
  // Open the HTTPs connection. 
  try             
    hr:= httpReq.Open('POST',
               'https://safebrowsing.googleapis.com/v4/threatMatches:find?key='
                                                    +aApikey, false);
    httpReq.setRequestheader('user-agent',SUSERAGENT  );
    httpReq.setRequestheader('content-type','application/json');
    if hr= S_OK then HttpReq.Send(format(JTESTDATA,[feedstream]));
    //writeln(format(JTESTDATA,[feedstream]));
    If HttpReq.Status = 200 Then
       result:= HttpReq.responseText
    Else result:= 'Failed at getting response:'+itoa(HttpReq.Status)+HttpReq.responseText;
    //writeln('debug response '+HttpReq.GetAllResponseHeaders);    
  finally
    httpreq:= unassigned; 
  end;                 
end;
 
URLMALWARE ='http://malware.testing.google.test/testing/malware/';   
writeln('GPost: '+getPostGoogleAPI(URLMALWARE, GoogleApiKey,''));
 
>>> GPost: {
  "matches": [
    {
      "threatType": "MALWARE",
      "platformType": "LINUX",
      "threat": {
        "url": "http://malware.testing.google.test/testing/malware/"
      },
      "cacheDuration": "300s",
      "threatEntryType": "URL"
    }
  ]
}
 
{"client":{"clientId":"TestClient4","clientVersion":"1.1"},"threatInfo":{"threatTypes":["MALWARE","SOCIAL_ENGINEERING"],"platformTypes":["LINUX"],"threatEntryTypes":["URL"],"threatEntries":[{"url":"%s"}]}}
GPost: {}

Early binding with ALHTTPClient

http://www.softwareschule.ch/examples/alhttpclient2.txt

The matches object lists the names of the Safe Browsing lists and the URLs—if there is match. In the example, two URLs (urltocheck1.org and urltocheck2.org) were found on one of the Safe Browsing lists (MALWARE/WINDOWS/URL) so the matching information is returned. The third URL (urltocheck3.org) was not found on either list, so no information is returned for this URL postulate:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
function TALHTTPClient_Post5GoogleAPI(aUrl: AnsiString;
                       feedstream, aapiKey: string;
                       aResponseContentStream:TStream;
                       aResponseContentHeader:TALHTTPResponseHeader):string;
Var
   FRequestHeader: TALHTTPRequestHeader;
   aPoststream: TStream;
begin
  with TALWininetHttpClient.create do begin
    Url:= aURL + aApikey;
    RequestMethod:= HTTPmt_Post; //HTTPrm_Post;
    RequestHeader.UserAgent:= SUSERAGENT;
    RequestHeader.ContentType:= 'application/json';
    //LHttpClient.RequestHeader.RawHeaderText:='
    try
      aPoststream:= TStringStream.create(format(JTESTDATA,[feedstream]));
      result:= Post3(Url, aPoststream); //overload;
    finally
      Free;
      aPostStream.Free;
    end;
  end; //with  
end;
 
writeln('GPost2: '+
    TALHTTPClient_Post5GoogleAPI(URL_SAFEBROWSING,URLMALWARE,GoogleApiKey,
                                                             Nil, Nil));
>>> GPost2: {
  "matches": [
    {
      "threatType": "MALWARE",
      "platformType": "LINUX",
      "threat": {
        "url": "http://malware.testing.google.test/testing/malware/"
      },
      "cacheDuration": "300s",
      "threatEntryType": "URL"
    }
  ]
}
Metadata

The threatEntryMetadata field is optional and provides additional information about the threat match. Currently, metadata is available for the MALWARE/WINDOWS/URL Safe Browsing list (see Metadata).

Cache durations

The cacheDuration field indicates the amount of time the URL must be considered unsafe (see Caching).

Comments

Post a Comment

Popular posts from this blog

CNN Pipeline Train

Image
  maXbox Starter 96 – Evaluate a pre-trained CNN Model based on the Cifar10 dataset. There are two kinds of data scientists: 1) Those who can extrapolate from incomplete data. kaggle source Origin as pdf: http://www.softwareschule.ch/download/maxbox_starter96.pdf This machine learning tutor explains training the so called CIFAR-10 Image Classifier with loading and testing a pre-trained model. The pre-trained model is: SimpleSeparableImageClassifier124_50_2.nn This command line tool and script runs the CAI Network with CIFAR10 files; Utility to load cifar-10 image data into training and test data sets based on the script. Download the cifar-10 (python) version dataset from here, and extract the cifar-10-batches-1..5 folder into the same directory as the script (for validating use only test_batch.bin ). CIFAR-10 and CIFAR-100 datasets (toronto.edu) Note about to build SimpleSeparableImageClassifier The code contains example usage, and runs und...
Read more

TEE Models List

Image
  TEE Collection nach Baureihe Volume 78.3 July 2022 Ref Marke Kategorie Baureihe Jahr Signatur Bemerkung Land Spur TEE Name Art. Nr. 94   Map   1957 TEE Erste Karte in Europa, 70 Städte EU   Europ TEE Map 395   Card   1971 TEE SBB TEE Restaurant old EU   Europ TEE Map 785   Collection   2017 TEE Lima DB Rheingold,Roco SNCF9300 Talgo EU   Europ TEE Map 19 SBB Historic   Buch RAe II  2003 Ikone der Luxuszüge Exzellente Fotos, rich Story CH   Gottardo 3-905111-95 20 EK-Verlag Buch   2006 Schweiz TEE Schweiz Tolle Berichte, seltene Bilder Schweiz EU TEE Home     3-88255-697 95 Redactor V. Buch   1969 Guten Tag Europa TEE 120 S. mit 138 Bildern und 20 Karten D ...
Read more