Categories

Use this extension to analyze IOCs using various freeware OSINT sites.

Gives a popup that will allow you to search via a single input either IP address, file HASH, URL, or port number across multiple free use OSINT platforms. It opens the results as new tabs in the background.

=======
Usage
=======
Highlight an IOC on a webpage and right-click or right-click a link:
* Select Preferred Sites to search your chosen OSINT sites
* Select All Sites to search all OSINT sites
* Select IP,IPV6,HASH,URL,PORT to search a specific site for that type of IOC

--OR--

1. Launch extension - click icon or keyboard shortcut: Ctrl + Shift + F
   
2. Type or paste the IOC:
   
   • IP address (IPv4 or IPv6)
     
   • File HASH (MD5, SHA1, or SHA256)
     
   • URL (including Defanged URLs)
     
   • Port Number
     
3. Hit Enter or click Search
   
4. The extension should launch relevant OSINT sources in background tabs, depending on your input type.

=======
Options
=======
You now have the option to select the OSINT sites you would like to search for each IOC type.

1. Launch the extension and click the gear icon next to the search button.
2. Check the OSINT sites you would like to use.
3. You can also select which theme you would like to use for the extension.
4. Hit save at the bottom when done selecting. You should get a message that your settings have been saved.

=======
Credit
=======
Icon/Logo
Created by Anna Bączkowska
Source: Daily Icon - Google Drive

OSINT Sources - IP
============
VirusTotal - IPv4 ONLY
Scamalytics
AbuseIPDB
IBM X-Force
ISC SANS
Cisco Talos
AlienVault
ARIN
Shodan - IPv4 ONLY
Threatminer - IPv4 ONLY
Pulsedive

OSINT Sources - HASH
==============
VirusTotal
Hybrid Analysis
IBM X-Force
Cisco Talos - SHA256 ONLY
AlienVault
Threatminer
URLHaus - MD5 and SHA256 ONLY

OSINT Sources - URL
==============
VirusTotal
Norton SafeWeb
Sucuri
IBM X-Force
Cisco Talos
AlienVault
Shodan
URLHaus
Pulsedive

OSINT Sources - PORT
==============
Speedguide
IANA
ISC SANS

Tags: search security