How to Check URLs for Threats in C# .NET Framework

Cloudmersive
2 min readFeb 21, 2024

If we don’t rigorously validate inputs in our web applications, threat actors can submit malicious URLs in locations where other users might gain access to them. By implementing a URL scanning policy at critical entry points to our application, we can identify and neutralize URL threats before they reach a compromising location.

Using the below code, we can take advantage of a free API to scan URL inputs for threats like viruses or phishing links. When threats are identified, we’ll receive information about the website threat type in the API response body, and if identifiable viruses are detected, we’ll receive the virus name as well.

To structure our API call, we can start by installing the SDK. We can install via NuGet by running the below command in our Package Manager console:

Install-Package Cloudmersive.APIClient.NET.VirusScan -Version 3.0.4

Before we call the function, let’s first turn our attention to authorization. We’ll need a free API key to authorize our request; this will allow a limit of 800 API calls per month with no additional commitments.

With our API key ready, let’s copy the below code into our file to call the function. Let’s copy our API key into the indicated snippet, and then we can configure our URL string input:

using System;
using System.Diagnostics;
using Cloudmersive.APIClient.NET.VirusScan.Api;
using Cloudmersive.APIClient.NET.VirusScan.Client;
using Cloudmersive.APIClient.NET.VirusScan.Model;

namespace Example
{
public class ScanWebsiteExample
{
public void main()
{
// Configure API key authorization: Apikey
Configuration.Default.AddApiKey("Apikey", "YOUR_API_KEY");

var apiInstance = new ScanApi();
var input = new WebsiteScanRequest(); // WebsiteScanRequest |

try
{
// Scan a website for malicious content and threats
WebsiteScanResult result = apiInstance.ScanWebsite(input);
Debug.WriteLine(result);
}
catch (Exception e)
{
Debug.Print("Exception when calling ScanApi.ScanWebsite: " + e.Message );
}
}
}
}

Now we can easily check URL inputs for threats with minimal code. Easy!

--

--

Cloudmersive

There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.