ninoseki / mitaka Goto Github PK

View Code? Open in Web Editor NEW

1.3K 42.0 149.0 14.22 MB

A browser extension for OSINT search

License: MIT License

TypeScript 92.39% JavaScript 0.82% Shell 0.02% Vue 6.78%

chrome-extension security threat-intelligence osint

mitaka's Introduction

Mitaka

Mitaka is a browser extension that makes your OSINT (Open Source Intelligence) search & scan easier.

Key features:
- Auto IoC (indicators of compromise) selection with refanging.
  - E.g. example[.]com to example.com, test[at]example.com to [email protected], hxxp://example.com to http://example.com, etc.
- Supports 65+ services.

Install

Features

Supported IoCs (Indicators of Compromise)

Name	Desc.	E.g.
ANS	ASN	`AS13335`
BTC	BTC address	`1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa`
CVE	CVE number	`CVE-2018-11776`
Domain	Domain name	`github.com`
Email	Email address	`[email protected]`
ETH	Ethereum address	`0x32be343b94f860124dc4fee278fdcbd38c102d88`
GaPubID	Google Adsense Publisher ID	`pub-9383614236930773`
GaTrackID	Google Analytics Tracker ID	`UA-67609351-1`
Hash	MD5, SHA1, SHA256	`44d88612fea8a8f36de82e1278abb02f`
IP	IPv4 address	`8.8.8.8`
URL	URL	`https://github.com`

Supported Search Engines

Name	URL	Supported types
AbuseIPDB	https://www.abuseipdb.com	IP
AnyRun	https://app.any.run	Hash
apklab	https://apklab.io	Hash (SHA256)
archive.org	https://archive.org	URL
archive.today	http://archive.fo	URL
BGPView	https://bgpview.io	IP, ASN
BinaryEdge	https://app.binaryedge.io	IP, domain
BitcoinAbuse	https://www.bitcoinabuse.com	BTC
Blockchain.com	https://www.blockchain.com	BTC
Blockchair	https://blockchair.com	BTC, ETH
BlockCypher	https://live.blockcypher.com	BTC
Censys	https://censys.io	IP, domain, ASN, email
Checkphish	https://checkphish.ai	IP, domain
Coalition	https://ess.coalitioninc.com	CVE
crt.sh	https://crt.sh	Domain
DNSlytics	https://dnslytics.com	IP, domain
DomainTools	https://www.domaintools.com	IP, domain
EmailRep	https://emailrep.io	Email
FileScan.IO	https://filescan.io	Hash
FortiGuard	https://fortiguard.com	IP, URL, CVE
Google Safe Browsing	https://transparencyreport.google.com	Domain, URL
GreyNoise	https://viz.greynoise.io	IP, domain, ASN, CVE
Host.io	https://host.io	Domain
Hurricane Electric	https://bgp.he.net/	IP, domain, ASN
HybridAnalysis	https://www.hybrid-analysis.com	IP, domain, hash
Intezer	https://analyze.intezer.com	Hash
IPinfo	https://ipinfo.io	IP, ASN
IPIP	https://en.ipip.net	IP, ASN
Joe Sandbox	https://www.joesandbox.com	Hash
MalShare	https://malshare.com	Hash
Maltiverse	https://www.maltiverse.com	Domain, hash
MalwareBazaar	https://bazaar.abuse.ch	Hash
Malwares	https://www.malwares.com	Hash
NVD	https://nvd.nist.gov	CVE
OOCPR	https://data.occrp.org	Email
ONYPHE	https://www.onyphe.io	IP
OpenTIP	https://opentip.kaspersky.com	Hash
OTX	https://otx.alienvault.com	IP, domain, CVE, URL, hash
Pulsedive	https://pulsedive.com	IP, domain, URL, hash
Radar	https://radar.cloudflare.com	IP, domain
RiskIQ	http://community.riskiq.com	IP, domain, email, Google Analytics Tracker ID
Robtex	https://www.robtex.com	IP, domain
Scumware	https://www.scumware.org	IP, domain, hash (MD5)
SecurityTrails	https://securitytrails.com	IP, domain
Shodan	https://www.shodan.io	IP, domain, ASN
Sploitus	https://sploitus.com	CVE
SpyOnWeb	http://spyonweb.com	IP, domain, Google Adsense Publisher ID, Google Analytics Tracker ID
Spyse	https://spyse.com	IP, domain, ASN, CVE, email
Talos	https://talosintelligence.com	IP, domain
ThreatBook	https://threatbook.io	IP, domain
ThreatConnect	https://app.threatconnect.com	IP, domain, email
ThreatMiner	https://www.threatminer.org	IP, domain, hash
TIP	https://threatintelligenceplatform.com	IP, domain
Triage	https://tria.ge	Hash, URL
URLhaus	https://urlhaus.abuse.ch	IP, domain
urlscan.io	https://urlscan.io	IP, domain, ASN, URL
URLVoid	https://www.urlvoid.com	Domain
ViewDNS	https://viewdns.info	IP, domain, email
VirusTotal	https://www.virustotal.com	IP, domain, URL, hash
VMRay	https://www.vmray.com	Hash
Vulmon	https://vulmon.com	CVE
WebCheck	https://web-check.xyz	Domain
X-Force Exchange	https://exchange.xforce.ibmcloud.com	IP, domain, hash
ZoomEye	https://www.zoomeye.org	IP

Supported Scan Engines

name	url	supported types
Browserling	https://www.browserling.com	URL
HybridAnalysis	https://www.hybrid-analysis.com	URL
urlscan.io	https://urlscan.io	IP, domain, URL
VirusTotal	https://www.virustotal.com	URL

How To Use

Use Mitaka to Perform In-Browser OSINT to Identify Malware, Sketchy Sites, Shady Emails & More

Note: Please set your API keys in the options for enabling HybridAnalysis, urlscan.io and VirusTotal scans.

Options

You can enable / disable a search engine on the options page based on your preference.

Permissions

Note

I don't and will never collect any information from the users. You can verify it by reviewing the source code.

Firefox

Please allow "Access your data for all websites" permission. Otherwise this extension does not work.

Privacy Policy

Common Questions

Q. The context menu is not displayed.
- A. Sometimes it takes a while for the context menus to appear. Or something goes wrong while refreshing the context menus. This glitch can be solved by waiting for a second. Please take a breath after selecting and then right-click.

Alternatives or Similar Tools

Contribute

Read the contribution guide and join the contributors.

mitaka's People

Contributors

Stargazers

Watchers

Forkers

code4security grukz m00zh33 techrec13 lubyruffy superf0sh alchemycyberblaze itfoxnet digihash m4rm0k u53r55 mlgzackfly vaginessa patricktm17 silogit blacknon seronsecurity pokigogo qianniaoge flywithoutwings yucheng82 attackgithub suriya73 qman69 1337g chaos-monkey-island n4rr34n6 fa67 richardsonjf xynztya mariolasagna pbutler6163 bcp-infosec-repo quinn-yan pynpy youngjun-chang wolfking2 sirspiddy mmg1 actorexpose litchi125 ith4cker ispmdev 5l1v3r1 hackdyourshit polling-repo-continua danzee1 juju4 an0nym0u5101 librechain cyb3r0 starksquadhacking 00mjk orion01500 hacklab808 takijoe himel-sarkar darknesschieftain crackercat safisec hugoahosta thisisshubhamkumar eybisi fiuderazes pentestw0rkerbit0 dekoder jorik041 0xbarw thehappydinoa tommalvoriddle ehsandeep deepanjalkumar bvkup sumodgeorge davejroy scanpatch sk3lk0 adityanand37 optionalg israelccarvalho jotaah123 modulexcite pemontto jeromeyoung pokerok jez-github seadog007 yud121212 nidogski legly plasmo-foss alexrogalskiy scriptkkiddie deka1918 jawczan digitalarche lethanhgodz 0xsojalsec alexhaislip fredide

mitaka's Issues

Add DomainTools

DomainTools (https://www.domaintools.com/)
- Supported types: IP, Domain
- IP(1.1.1.1): https://whois.domaintools.com/1.1.1.1
- Domain(github.com): https://whois.domaintools.com/github.com

Disregard Issue/Request. Cannot find a way to delete this request.

Add VxCube support

VxCube(http://vxcube.com/)
- Supported types: ip, domain, hash
- IP(1.1.1.1): http://vxcube.com/tools/ip/1.1.1.1/whois
- Domain(github.com): http://vxcube.com/tools/domain/github.com/whois
- Hash(44d88612fea8a8f36de82e1278abb02f): http://vxcube.com/result/44d88612fea8a8f36de82e1278abb02f

Add Cisco SenderBase (Talos) support

Add SecurityTrails

I use SecurityTrails from time to time, and it would be very useful if you could do a search on SecurityTrails directly from the add-on.

https://securitytrails.com/
API Docs: https://docs.securitytrails.com/

Scanning hyperlinks without selecting them

Would be nice to have the ability to scan links without selecting it or being able to scan any hyperlink.

FR: add AbuseIPDB

Base URL:https://www.abuseipdb.com
Supported types: IP
- IP(1.1.1.1): https://www.abuseipdb.com/check/1.1.1.1

Add Support for get-site-ip.com

http://get-site-ip.com/
This page is the easiest way to find the IP address of a domain.

@ninoseki The browser extension is a very good tool, I use it very often, thanks for developing this tool.

Add BinaryEdge lookup

BinaryEdge(https://app.binaryedge.io/)
- Supported types: ip, domain
- IP(1.1.1.1): https://app.binaryedge.io/services/query?query=ip:1.1.1.1
- Domain(github.com): https://app.binaryedge.io/services/domains?query=github.com

Firefox Addons-support

Hi there,

Do you have a plan to support & porting Firefox addons compatible too? I'm interested with this tool 👍

Cheers,

Add BGPView support

Supported types: IP
- IP(1.1.1.1): https://bgpview.io/ip/1.1.1.1

Add SpyOnWeb support

http://spyonweb.com
- IP: http://spyonweb.com/1.1.1.1
- Domain: http://spyonweb.com/github.com

Add Pulsedive integration

Pulsedive: https://pulsedive.com/

It looks like a good one but I cannot find a good way to handle a search on the WebUI.
Is opening a JSON file (like a below link) in the browser useful for users? I'm not sure.

https://pulsedive.com/api/info.php?indicator=github.com&pretty=1

Error in response to storage.get: TypeError: Cannot read property 'urlscanApiKey' of undefined

Hi,
I hope this information is helpful to solve the problem.

!function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=22)}({22:function(e,t,n){"use strict";function r(){const e=document.getElementById("urlscan-api-key"),t=document.getElementById("virustotal-api-key"),n={urlscanApiKey:e.value,virusTotalApiKey:t.value};n&&chrome.storage.sync.set({apiKeys:n},()=>{const e=document.getElementById("status");e&&(e.textContent="Options saved.")})}Object.defineProperty(t,"__esModule",{value:!0}),document.addEventListener("DOMContentLoaded",()=>{!function(){const e=document.getElementById("urlscan-api-key"),t=document.getElementById("virustotal-api-key");chrome.storage.sync.get("apiKeys",n=>{e&&(e.value=n.apiKeys.urlscanApiKey),t&&(t.value=n.apiKeys.virusTotalApiKey)})}();const e=document.getElementById("save");e&&e.addEventListener("click",r)})}});

Add ThreatMiner support

Supported types: IP, Domain, Hash

IP(1.1.1.1): https://www.threatminer.org/host.php?q=1.1.1.1
Domain(github.com): https://www.threatminer.org/domain.php?q=github.com
Hash(44d88612fea8a8f36de82e1278abb02f): https://www.threatminer.org/sample.php?q=44d88612fea8a8f36de82e1278abb02f

Add ViruslTotal URL scan feature

curl --request POST \
  --url 'https://www.virustotal.com/vtapi/v2/url/scan' \
  --data 'apikey=<apikey>' \
  --data 'url=<url>'

Reference:
- https://developers.virustotal.com/v2.0/reference#url-scan

[BUG/Chromium] Unchecked runtime.lastError while running contextMenus.create: Cannot create item with duplicate id Search te as a text

Hi,
I hope this information is helpful to solve the problem.

1
!function(e){function t(t){for(var s,o,a=t[0],c=t[1],u=t[2],l=0,p=[];l<a.length;l++)o=a[l],r[o]&&p.push(r[o][0]),r[o]=0;for(s in c)Object.prototype.hasOwnProperty.call(c,s)&&(e[s]=c[s]);for(h&&h(t);p.length;)p.shift()();return i.push.apply(i,u||[]),n()}function n(){for(var e,t=0;t<i.length;t++){for(var n=i[t],s=!0,a=1;a<n.length;a++){var c=n[a];0!==r[c]&&(s=!1)}s&&(i.splice(t--,1),e=o(o.s=n[0]))}return e}var s={},r={3:0},i=[];function o(t){if(s[t])return s[t].exports;var n=s[t]={i:t,l:!1,exports:{}};return e[t].call(n.exports,n,n.exports,o),n.l=!0,n.exports}o.m=e,o.c=s,o.d=function(e,t,n){o.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},o.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},o.t=function(e,t){if(1&t&&(e=o(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(o.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var s in e)o.d(n,s,function(t){return e[t]}.bind(null,s));return n},o.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return o.d(t,"a",t),t},o.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},o.p="";var a=window.webpackJsonp=window.webpackJsonp||[],c=a.push.bind(a);a.push=t,a=a.slice();for(var u=0;u<a.length;u++)t(a[u]);var h=c;i.push([96,0]),n()}({21:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});const s=n(94),r=n(91),i=n(66);t.Selector=class{constructor(e){this.searchers=[new i.Censys,new i.DomainBigData,new i.FindSubDomains,new i.HybridAnalysis,new i.PublicWWW,new i.Pulsedive,new i.SecurityTrails,new i.Shodan,new i.Urlscan,new i.VirusTotal,new i.XForceExchange],this.scanners=[new r.UrlscanScanner,new r.VirusTotalScanner],this.input=e,this.ioc=s.getIOC(e)}getIP(){return null!==this.ioc.networks.ipv4s?this.ioc.networks.ipv4s[0]:null}getDomain(){return null!==this.ioc.networks.domains?this.ioc.networks.domains[0]:null}getUrl(){return null!==this.ioc.networks.urls?this.ioc.networks.urls[0]:null}getHash(){let e=[];return e=this.concat(e,this.ioc.hashes.sha256s),e=this.concat(e,this.ioc.hashes.sha1s),0===(e=this.concat(e,this.ioc.hashes.md5s)).length?null:e[0]}getSearchersByType(e){return this.searchers.filter(t=>-1!==t.supportedTypes.indexOf(e))}getScannersByType(e){return this.scanners.filter(t=>-1!==t.supportedTypes.indexOf(e))}getSearcherEntries(){let e=[];e=this.concat(e,this.makeAnalyzerEntries(this.getSearchersByType("text"),"text",this.input));const t=this.getUrl();if(null!==t)return this.concat(e,this.makeAnalyzerEntries(this.getSearchersByType("url"),"url",t));const n=this.getDomain();if(null!==n)return this.concat(e,this.makeAnalyzerEntries(this.getSearchersByType("domain"),"domain",n));const s=this.getIP();if(null!==s)return this.concat(e,this.makeAnalyzerEntries(this.getSearchersByType("ip"),"ip",s));const r=this.getHash();return null!==r?this.concat(e,this.makeAnalyzerEntries(this.getSearchersByType("hash"),"hash",r)):e}getScannerEntries(){const e=this.getUrl();if(null!==e)return this.makeAnalyzerEntries(this.getScannersByType("url"),"url",e);const t=this.getDomain();if(null!==t)return this.makeAnalyzerEntries(this.getScannersByType("domain"),"domain",t);const n=this.getIP();return null!==n?this.makeAnalyzerEntries(this.getScannersByType("ip"),"ip",n):[]}concat(e,t){return null!==t?e.concat(t):e}makeAnalyzerEntries(e,t,n){const s=[];for(const r of e)s.push(this.makeAnalyzerEntry(r,t,n));return s}makeAnalyzerEntry(e,t,n){return{analyzer:e,type:t,query:n}}}},24:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.XForceExchange=class{constructor(){this.supportedTypes=["ip","domain","hash"],this.endpoint="https://exchange.xforce.ibmcloud.com",this.name="X-Force-Exchange"}searchByIP(e){return`${this.endpoint}/ip/${e}`}searchByDomain(e){return`${this.endpoint}/url/${e}`}searchByHash(e){return`${this.endpoint}/malware/${e}`}}},33:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});const s=n(12),r=n(32);t.VirusTotal=class{constructor(){this.supportedTypes=["ip","domain","url","hash"],this.endpoint="https://www.virustotal.com/#",this.name="VirusTotal"}searchByIP(e){return`${this.endpoint}/ip-address/${e}`}searchByURL(e){const t=s.SHA256(this.normalizeUrl(e));return`${this.endpoint}/url/${t}`}normalizeUrl(e){return"/"===r.parse(e).pathname&&"/"!==e.slice(-1)?`${e}/`:e}searchByDomain(e){return`${this.endpoint}/domain/${e}`}searchByHash(e){return`${this.endpoint}/file/${e}`}}},34:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.Urlscan=class{constructor(){this.supportedTypes=["ip","domain","url"],this.endpoint="https://urlscan.io/api/v1",this.name="Urlscan"}searchByIP(e){const t=encodeURIComponent(e);return this.search(t)}searchByDomain(e){const t=encodeURIComponent(e);return this.search(t)}searchByURL(e){const t=encodeURIComponent(`"${e}"`);return this.search(t)}search(e){return`https://urlscan.io/search/#${e}`}}},35:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.Shodan=class{constructor(){this.supportedTypes=["text"],this.endpoint="https://www.shodan.io",this.name="Shodan"}searchByText(e){const t=encodeURIComponent(e);return`${this.endpoint}/search?query=${t}`}}},36:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.SecurityTrails=class{constructor(){this.supportedTypes=["domain","ip"],this.endpoint="https://securitytrails.com",this.name="SecurityTrails"}searchByText(e){const t=encodeURIComponent(e);return`${this.endpoint}/list/keyword/${t}`}searchByIP(e){return`${this.endpoint}/list/ip/${e}`}searchByDomain(e){return`${this.endpoint}/domain/${e}`}}},60:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});const s=n(12);t.Pulsedive=class{constructor(){this.supportedTypes=["ip","domain","url","hash"],this.endpoint="https://pulsedive.com",this.name="Pulsedive"}searchByIP(e){return this.search(e)}searchByDomain(e){return this.search(e)}searchByURL(e){return this.search(e)}searchByHash(e){return this.search(e)}search(e){const t=s.enc.Utf8.parse(e),n=s.enc.Base64.stringify(t);return`${this.endpoint}/indicator/?ioc=${n}`}}},61:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.PublicWWW=class{constructor(){this.supportedTypes=["text"],this.endpoint="https://publicwww.com/websites",this.name="PublicWWW"}searchByText(e){const t=encodeURIComponent(e);return`${this.endpoint}/${t}`}}},62:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.HybridAnalysis=class{constructor(){this.supportedTypes=["hash"],this.endpoint="https://www.hybrid-analysis.com",this.name="HybridAnalysis"}searchByHash(e){if(64!==e.length)throw new Error("HybridAnalysis onlys suports SHA256");return`${this.endpoint}/sample/${e}`}}},63:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.FindSubDomains=class{constructor(){this.supportedTypes=["domain"],this.endpoint="https://findsubdomains.com",this.name="FindSubDomains"}searchByDomain(e){return`${this.endpoint}/subdomains-of/${e}`}}},64:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.DomainBigData=class{constructor(){this.supportedTypes=["domain"],this.endpoint="https://domainbigdata.com",this.name="DomainBigData"}searchByDomain(e){return`${this.endpoint}/${e}`}}},65:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});t.Censys=class{constructor(){this.supportedTypes=["text"],this.endpoint="https://censys.io",this.name="Censys"}searchByText(e){const t=encodeURIComponent(e);return`${this.endpoint}/ipv4?q=${t}`}}},66:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var s=n(65);t.Censys=s.Censys;var r=n(64);t.DomainBigData=r.DomainBigData;var i=n(63);t.FindSubDomains=i.FindSubDomains;var o=n(62);t.HybridAnalysis=o.HybridAnalysis;var a=n(61);t.PublicWWW=a.PublicWWW;var c=n(60);t.Pulsedive=c.Pulsedive;var u=n(36);t.SecurityTrails=u.SecurityTrails;var h=n(35);t.Shodan=h.Shodan;var l=n(34);t.Urlscan=l.Urlscan;var p=n(33);t.VirusTotal=p.VirusTotal;var y=n(24);t.XForceExchange=y.XForceExchange},70:function(e,t,n){"use strict";var s=this&&this.__awaiter||function(e,t,n,s){return new(n||(n=Promise))(function(r,i){function o(e){try{c(s.next(e))}catch(e){i(e)}}function a(e){try{c(s.throw(e))}catch(e){i(e)}}function c(e){e.done?r(e.value):new n(function(t){t(e.value)}).then(o,a)}c((s=s.apply(e,t||[])).next())})};Object.defineProperty(t,"__esModule",{value:!0});const r=n(20),i=n(69);t.VirusTotalScanner=class{constructor(){this.supportedTypes=["url"],this.endpoint="https://www.virustotal.com/vtapi/v2",this.name="VirusTotal"}setApiKey(e){this.apiKey=e}scanByURL(e){return s(this,void 0,void 0,function*(){if(void 0===this.apiKey)throw Error("Please set your VirusTotal API key via the option.");const t={apikey:this.apiKey,url:e};return(yield r.default.post(`${this.endpoint}/url/scan`,i.stringify(t))).data.permalink})}}},90:function(e,t,n){"use strict";var s=this&&this.__awaiter||function(e,t,n,s){return new(n||(n=Promise))(function(r,i){function o(e){try{c(s.next(e))}catch(e){i(e)}}function a(e){try{c(s.throw(e))}catch(e){i(e)}}function c(e){e.done?r(e.value):new n(function(t){t(e.value)}).then(o,a)}c((s=s.apply(e,t||[])).next())})};Object.defineProperty(t,"__esModule",{value:!0});const r=n(20);t.UrlscanScanner=class{constructor(){this.supportedTypes=["ip","domain","url"],this.endpoint="https://urlscan.io/api/v1",this.name="Urlscan"}setApiKey(e){this.apiKey=e}scanByIP(e){return s(this,void 0,void 0,function*(){return yield this.scan(e)})}scanByDomain(e){return s(this,void 0,void 0,function*(){return yield this.scan(e)})}scanByURL(e){return s(this,void 0,void 0,function*(){return yield this.scan(e)})}scan(e,t=!0){return s(this,void 0,void 0,function*(){if(void 0===this.apiKey)throw Error("Please set your urlscan.io API key via the option.");return(yield r.default.post(`${this.endpoint}/scan/`,{public:t?"on":"off",url:e},{headers:{"API-KEY":this.apiKey}})).data.result})}}},91:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var s=n(90);t.UrlscanScanner=s.UrlscanScanner;var r=n(70);t.VirusTotalScanner=r.VirusTotalScanner},95:function(e,t,n){"use strict";var s=this&&this.__awaiter||function(e,t,n,s){return new(n||(n=Promise))(function(r,i){function o(e){try{c(s.next(e))}catch(e){i(e)}}function a(e){try{c(s.throw(e))}catch(e){i(e)}}function c(e){e.done?r(e.value):new n(function(t){t(e.value)}).then(o,a)}c((s=s.apply(e,t||[])).next())})};Object.defineProperty(t,"__esModule",{value:!0});const r=n(21);t.Command=class{constructor(e){this.parts=e.split(" "),this.action=this.parts[0].toLowerCase(),this.query=this.parts.slice(1,this.parts.length-5).join(" "),this.target=this.parts[this.parts.length-1]}search(){const e=new r.Selector(this.query).getSearcherEntries().find(e=>e.analyzer.name===this.target);let t="";if(void 0!==e){const n=e.analyzer;switch(e.type){case"text":t=n.searchByText(e.query);break;case"ip":t=n.searchByIP(e.query);break;case"domain":t=n.searchByDomain(e.query);break;case"url":t=n.searchByURL(e.query);break;case"hash":t=n.searchByHash(e.query)}}return t}scan(e){return s(this,void 0,void 0,function*(){const t=new r.Selector(this.query).getScannerEntries().find(e=>e.analyzer.name===this.target);let n="";if(void 0!==t){const s=t.analyzer;switch(s.name){case"Urlscan":s.setApiKey(e.urlscanApiKey);break;case"VirusTotal":s.setApiKey(e.virusTotalApiKey)}switch(t.type){case"ip":n=yield s.scanByIP(t.query);break;case"domain":n=yield s.scanByDomain(t.query);break;case"url":n=yield s.scanByURL(t.query)}}return n})}}},96:function(e,t,n){"use strict";var s=this&&this.__awaiter||function(e,t,n,s){return new(n||(n=Promise))(function(r,i){function o(e){try{c(s.next(e))}catch(e){i(e)}}function a(e){try{c(s.throw(e))}catch(e){i(e)}}function c(e){e.done?r(e.value):new n(function(t){t(e.value)}).then(o,a)}c((s=s.apply(e,t||[])).next())})};Object.defineProperty(t,"__esModule",{value:!0});const r=n(95),i=n(21);function o(e){chrome.notifications.create({iconUrl:"./icons/48.png",message:e,title:"Mitaka",type:"basic"})}chrome.contextMenus.onClicked.addListener((e,t)=>{const n=e.menuItemId,i=new r.Command(n);switch(i.action){case"search":!function(e){try{const t=e.search();void 0!==t&&""!==t&&chrome.tabs.create({url:t})}catch(e){o(e.message)}}(i);break;case"scan":!function(e){chrome.storage.sync.get("apiKeys",t=>s(this,void 0,void 0,function*(){const n={urlscanApiKey:t.apiKeys.urlscanApiKey,virusTotalApiKey:t.apiKeys.virusTotalApiKey};try{const t=yield e.scan(n);void 0!==t&&""!==t&&chrome.tabs.create({url:t})}catch(e){o(e.message)}}))}(i)}}),chrome.runtime.onMessage.addListener((e,t,n)=>{"removeContextMenu"===e.request&&chrome.contextMenus.removeAll(),"updateContextMenu"===e.request&&chrome.contextMenus.removeAll(()=>{const t=e.selection,n=new i.Selector(t),s=n.getSearcherEntries();for(const e of s){const t=e.analyzer.name,n={contexts:["selection"],id:`Search ${e.query} as a ${e.type} on ${t}`,title:`Search this ${e.type} on ${t}`};chrome.contextMenus.create(n)}const r=n.getScannerEntries();for(const e of r){const t=e.analyzer.name,n={contexts:["selection"],id:`Scan ${e.query} as a ${e.type} on ${t}`,title:`Scan this ${e.type} on ${t}`};chrome.contextMenus.create(n)}})})}});

Add X-Force Exchange support

X-Force Exchange is a threat intelligence sharing platform enabling research on security threats, aggregation of intelligence, and collaboration with peers.

Failed coverage tracking

Coverage tracking is failing since Travis Build #466.

Add DNSlytics support

https://dnslytics.com
- IP: https://dnslytics.com/ip/1.1.1.1
- Domain: https://dnslytics.com/domain/github.com

Add RiskIQ support

RiskIQ has great capabilities of OSINT / Threat Intelligence with a free account.

SSL Security Test

https://www.htbridge.com/ssl/
supports IP and Domain

Add ONYPHE supports

ONYPHE is a search engine for open-source intelligence data.

ONYPHE supports IP search on its Web UI.

Example (IP: 1.1.1.1):
- https://www.onyphe.io/ip/1.1.1.1

Add Sploitus support

Sploitus
- CVE: https://sploitus.com/?query=CVE-2017-11882

Add fofa.so support

Supported types: IP, Domain
- IP (1.1.1.1): https://fofa.so/result?qbase64=aXA9IjEuMS4xLjEi
  - base64 encoded value of ip="1.1.1.1".
- Domain (github.com): https://fofa.so/result?qbase64=ZG9tYWluPSJnaXRodWIuY29tIg%3D%3D
  - base64 encoded value of domain="github.com"

Add on/off feature

Adding on/off feature of searchers &. scanners is good for usability.
(I mean creating an on/off toggle for each searcher & scanner in options page)

Add IPinfo support

IPinfo (http://www.malshare.com)
- Supported types: IP, ASN
- IP(1.1.1.1): https://ipinfo.io/1.1.1.1
- ASN(AS13335): https://ipinfo.io/AS13335

Add Search on Local or Remote MISP Instance

Dear Team,

It could be a good Idea (and IMO a quick win) to add the options to check a URL on Local or Remote MISP (Malware Information Sharing Platform) Instance.

Like Virustotal and other API based services, the search only need the Server IP or Name and the API Key in the options menu.

MISP Doc : https://www.circl.lu/doc/misp/automation/

Thanks !!

Change throttle delay

I don't know why but 100 or 250 throttle delay are recommended.

(Number) A zero-or-greater delay in milliseconds. For event callbacks, values around 100 or 250 (or even higher) are most useful.
http://benalman.com/code/projects/jquery-throttle-debounce/docs/files/jquery-ba-throttle-debounce-js.html

Add loading to the end of the link when you scan with urlscan to avoid the 404 error.

Example:
Current link you get when you scan a url with urlscan:
https://urlscan.io/result/54db15c2-5246-4f5c-9907-7576ce5b7547/ This will produce a 404 since the scan isn't done, you have to refresh manually.

Possible solution:
Add loading to the end like this:
https://urlscan.io/result/54db15c2-5246-4f5c-9907-7576ce5b7547/loading
This will produce a page that shows the progress of the scan and refreshes automatically when it's done.

Add pipl support

base url:
- https://pipl.com/
email:
- [email protected]: https://pipl.com/search/?q=test%40test.com

Add Intelligence X support

IP:
- https://intelx.io/?s=1.1.1.1
Domain:
- https://intelx.io/?s=github.com
URL:
- https://intelx.io/?s=https://github.com
Email:
- https://intelx.io/[email protected]
BTC address:
- https://intelx.io/?s=1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa

Google Safe Browsing (https://transparencyreport.google.com):
- Supported types: domain, url
- URL(https://github.com): https://transparencyreport.google.com/safe-browsing/search?url=https:%2F%2Fgithub.com
- Domain(github.com): https://transparencyreport.google.com/safe-browsing/search?url=github.com

Add Archive.org lookup

Archive.org(https://archive.org/):
- Supported types: url
- URL(https://github.com): http://web.archive.org/web/*/https://github.com

Add DomainWatch support

DomainWatch
- domain: https://domainwat.ch/whois/example.com
- email: https://domainwat.ch/search?query=test%40example.com

Add hackertarget.com/ip-tools/

https://hackertarget.com/ip-tools/

IP and Network Tools

Traceroute	Using mtr an advanced traceroute tool trace the path of an Internet connection.
Test Ping	A common tool for testing connectivity to a host, perform a ping from our server.
DNS Lookup	Find DNS records for a domain, results are determined using the dig DNS tool.
Find (A) Records	Find forward DNS (A) records for a domain.
Reverse DNS	Find Reverse DNS records for an IP address or a range of IP addresses.
Find Shared DNS Servers	Find hosts sharing DNS servers.
Zone Transfer	Online Test of a zone transfer that will attempt to get all DNS records for a target domain
Whois Lookup	Determine the registered owner of a domain or IP address block with the whois tool.
GeoIP Lookup	Find the location of an IP address using the GeoIP lookup location tool.
Reverse IP	Discover web hosts sharing an IP address with a reverse IP lookup.
TCP Port Scan	Determine the status of an Internet facing service or firewall
UDP Port Scan	Online UDP port scan available for common UDP services
Subnet Lookup Online	Determine the properties of a network subnet
HTTP Headers	View HTTP Headers of a web site. The HTTP Headers reveal system and web application details.
Page Links	Dump all the links from a web page.
AS Lookup	Get Autonomous System Number or ASN details from an AS or an IP address.