API Keys
The API Keys category configures third-party service integrations used for OSINT (Open Source Intelligence) and data enrichment. These API keys enable Hawkra to pull in external threat intelligence, vulnerability data, breach information, and search results to enhance your security assessments.
All API keys in this category are stored encrypted in the database and appear masked on the settings page. Click Change to enter or update a key.
Optional Keys
All API keys are optional. Features that depend on a specific key will display a message indicating the key is not configured when you attempt to use them. You can add keys at any time — no restart is required.
Settings Reference
| Setting | Key | Description | Get a Key |
|---|---|---|---|
| Shodan API Key | shodan_api_key | Host reconnaissance and network intelligence enrichment | shodan.io |
| HIBP API Key | hibp_api_key | Check email addresses against known data breaches | haveibeenpwned.com (paid) |
| GeoIP API Key | geoip_api_key | Geographic intelligence on IP addresses | ipinfo.io, ipgeolocation.io |
| NVD API Key | nvd_api_key | Enrich vulnerabilities with CVSS scores and references. Without a key, NVD rate-limits to 5 req/30s; with a key, 50. | nvd.nist.gov (free) |
Configuration via Environment Variables
| Setting | Environment Variable |
|---|---|
| Shodan API Key | SHODAN_API_KEY |
| HIBP API Key | HIBP_API_KEY |
| GeoIP API Key | GEOIP_API_KEY |
| NVD API Key | NVD_API_KEY |