anyrun-sdk 1.10.9

This is the official Python client library for ANY.RUN. Automate management of ANY.RUN REST endpoints

---

ANY.RUN SDK

This is the official Python client library for ANY.RUN, supporting the cybersecurity solutions like the Interactive Sandbox, TI Lookup, and TI Feeds.
With this library you can interact with the ANY.RUN REST API and automate your workflow quickly and efficiently.

Available features

• Built-in objects iterator and exception handling
• Synchronous and asynchronous interface
• Python 3.9-3.13 support

Sandbox API

ANY.RUN Sandbox is an online interactive sandbox for malware analysis, a tool for detection, monitoring, and research of cyber threats in real time.

• Submit files and URLs for analysis
• Monitor analysis progress in real-time
• Get detailed reports
• Manage the tasks

TI Lookup API and YARA Search

TI Lookup is a searchable database of IOCs, IOAs, IOBs, and events for threat hunting and a service for browsing malicious files by their content. Perform deep searches, look up threats online, and enrich your security solutions.

• Look up URLs and file hashes
• Search for IOCs using YARA rules
• Get threat intelligence data
• Monitor search progress in real time
• Get detailed analysis results

TI Feeds API

Threat Intelligence Feeds provide data on the known indicators of compromise: malicious IPs, URLs, Domains Supports the following feed formats:

• MISP
• TAXII STIX
• Network IOCs

Note:

Please inline ANY.RUN API-Key and Basic authorization token using the prefix:

API-KEY format: API-KEY WmNfqnpo...2Sjon7mtvm8e 

Basic token format: Basic c2VtZW5f...GCd0RvUg==

The library public interface overview

import os
from pprint import pprint

from anyrun.connectors import SandboxConnector


def main():
    with SandboxConnector.android(api_key) as connector:
        # Initialize the url analysis
        task_id = connector.run_url_analysis('https://any.run')
        print(f'Analysis successfully initialized. Task uuid: {task_id}')
        
        # View analysis status in real time
        for status in connector.get_task_status(task_id):
            print(status)
        
        # Get report results
        report = connector.get_analysis_report(task_id)
        pprint(report)
        
        # Remove the task from history
        connector.delete_task(task_id)


if __name__ == '__main__':
    # Setup ANY.RUN api key
    api_key = os.getenv('ANY_RUN_Sandbox_API_KEY')
    main()

You can find additional usage examples here

Installation Guide

You can install the SDK using pip or any other package manager

$ pip install anyrun-sdk

Also, you can install the SDK manually using pyproject.toml

$ git clone git@github.com:anyrun/anyrun-sdk.git
$ cd anyrun-sdk
$ python -m pip install .

Contributing

We welcome contributions! Please see our Contributing Guide for details.

Useful links

TI Lookup query Guide
ANY.RUN API documentation

Contact us

Support, sales, and trial inquiries – support@any.run
Public relations and partnerships – pr@any.run