IoTVAS API
firmalyzer · IoT
IOTVAS API enables you to discover IoT/Connected devices in the network and provides detailed real-time risk analysis, including firmware vulnerability analysis without requiring the user to upload the firmware file. Please visit the [signup page](https://iotvas-api.firmalyzer.com/portal/signup) to create an API key. IoTVAS API can be easily integrated with vulnerability scanning and network port scanner tools. For example, we have also released the [IOTVAS NSE script](https://g
Authentication
Sample Requests
Get default accounts and password hashes of a firmware
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/accounts"import requests
response = requests.get(
"https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/accounts",
)
print(response.json())const url = 'https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/accounts';
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
)
func main() {
targetURL := "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/accounts"
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/accounts")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/accounts";
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Get default OS configuration issues of a device firmware
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/config-issues"import requests
response = requests.get(
"https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/config-issues",
)
print(response.json())const url = 'https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/config-issues';
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
)
func main() {
targetURL := "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/config-issues"
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/config-issues")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/config-issues";
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Get expired digital certificates embedded in a device firmware
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/expired-certs"import requests
response = requests.get(
"https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/expired-certs",
)
print(response.json())const url = 'https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/expired-certs';
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
)
func main() {
targetURL := "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/expired-certs"
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/expired-certs")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/firmalyzer.com/iotvas/1.0/firmware/{firmware_hash}/expired-certs";
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Postman Setup Guide
- See official documentation for authentication and setup.
What can you build with IoTVAS API?
IoTVAS API is a IoT API. Developers commonly use iot APIs for:
- collecting and streaming sensor and device data
- monitoring and controlling connected devices
- building smart-home and industrial dashboards
- processing device telemetry at scale
- automating device provisioning and alerting
No authentication required. This API is open — no signup or key needed. Ideal for quick prototypes and public-facing features. IoTVAS API is free to use, making it a low-risk choice to experiment with.
New to APIs? Read our beginner's guide · Learn about API keys · What is REST?