How to Automatically Detect Content Threats in an Input String using C/C++

A variety of common cyber-attack vectors can be identified from text input. Using the complementary code examples provided below, you can take advantage of a free security API equipped to detect Cross-Site Scripting (XSS), SQL Injection (SQLI), XML External Entity threats (XXE), Server-Side Request Forgeries (SSRF), and JSON Insecure Deserialization threats (JID) in a single request.

You can structure your API request by first installing libcurl in your project:

libcurl/7.75.0

And then copying the ready-to-run code below:

CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
     curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
     curl_easy_setopt(curl, CURLOPT_URL, "https://api.cloudmersive.com/security/threat-detection/content/automatic/detect/string");
     curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
     curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
     struct curl_slist *headers = NULL;
     headers = curl_slist_append(headers, "Content-Type: application/json");
     headers = curl_slist_append(headers, "Apikey: YOUR-API-KEY-HERE");
     curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
     const char *data = "\"<string>\"";
     curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
     res = curl_easy_perform(curl);
}
curl_easy_cleanup(curl);

You can then make up to 800 API requests for free (with no additional commitment) by providing a free-tier API key in the authorization header.

Refer to the below JSON object for an example response value:

{
  "Successful": true,
  "CleanResult": true,
  "ContainedJsonInsecureDeserializationAttack": true,
  "ContainedXssThreat": true,
  "ContainedXxeThreat": true,
  "ContainedSqlInjectionThreat": true,
  "ContainedSsrfThreat": true,
  "IsXML": true,
  "IsJSON": true,
  "IsURL": true,
  "OriginalInput": "string"
}