malware-intel
Triage (tria.ge)
An automated malware sandbox run by Recorded Future, with a large public corpus of analyzed samples. Public reports are searchable by file hash, and API access uses a token from a free Researcher account. A good next step after a hash lookup elsewhere, when you want to see what a sample actually does when executed.
API key required
Why it’s useful & how it works
Free Researcher account → token. Works via proxy (direct errored). JSON hash search.
What’s inside
Large public sample corpus.
API access
https://tria.ge/api/v0/search?query=sha256: <h> (Bearer token)
An API key is required — usually free; see the endpoints above for where to get one.
Access
Programmatic API access (a key may be required — see the API tag).