mitchmoser / sputnik Goto Github PK

https://urlhaus.abuse.ch/

https://urlhaus.abuse.ch/browse.php?search=[search-term]

Does hashes, URLs, domains, IPs.

Is it possible to get a changelog for the Firefox extension? Currently when updating there is no information visible:

Thank you in advance and thank you for a super useful browser extension!

In managing out Office 365 and its overly sensitive impossible travel rules :) we have a need to be able to quickly determine with a reasonable likely hood if something is a VPN provide or not based on the IP address.

A look up against https://github.com/ejrv/VPNs or something similar would be awesome.
I really appreciate your efforts. This saves having to load maltego constantly :)

Referencing PR #33 requested by @chooko:

Summary:
Add a new category of CVE lookup to Sputnik.
Exploit Prediction Scoring System can query for nearly any CVE and return a likelihood score.
Example link here: https://api.first.org/data/v1/epss?cve=CVE-2023-6129&pretty=true

Substitute the highlighted CVE into the URL for the query.

Opening this Issue for users to track and compile new sources to justify the implementation of a new category.

I would suggest adding spyse.com to IP, Domain resources.

The lookup URL for Hacker Target reverse IP is https://api.hackertarget.com/reverseiplookup/?q=%IP%

The lookup URL for mxtoolbox ARIN is http://www.mxtoolbox.com/SuperTool.aspx?action=arin%3a%IP%

Note: the %IP% placeholder is for the IP address.

https://www.criminalip.io/ - Criminal IP is a specialized Cyber Threat Intelligence (CTI) search engine that allows users to search for various security-related information such as malicious IP addresses, domains, banners, etc. It can be widely integrated

At firefox addons store it available for install.

Webextensions api restrictions: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/menus

I am looking at adding a few entries to this for Microsoft Defender (MDE), which can be considered a non-open/free source.

Instead of maintaining a fork, would it be acceptable to include this but call out in the title that is requires a login/license?

I was also thinking about the entries being at the bottom after a non-actionable separation like:

URL

  -> URLScan

  -> VirusTotal

  -> $Other tool

  -> - - - - -

  -> Microsoft Defender URL (Paid)```

I"ve been using the below to look up blockchain addresses when we get randsomeware/extortion type issues.
https://www.bitcoinabuse.com

On the Firefox addon store page, the license is listed as Mozilla Public License 2.0, but I did not see a license referred to in the repository here on github. Is the Chrome addon's source code MPL 2.0 as well? It may be useful to add a license.md for clarification.

Hope all is treating you well, and thank you for sharing this most useful tool! :)

It would be great if there would be possibility to spawn multiple tabs - something like search on all with relevant artifact (ex. search domain on all). Something like in Mitaka extension implementation.

Hi,

I have this strange problem, that no new tab/window/whatever opens and shows the corresponding Result.

This doesn't happen on my second PC, where I use almost the same Setup.

I am using Firefox ESR 60.4 on Windows 10 64bit

This is the Debug Log from the Addon:

Could not map contract ID '@mozilla.org/fxaccounts/push;1' to CID {1b7db999-2ecd-4abf-bb95-a726896798ca} because no implementation of the CID is registered.  components.manifest:166

navigator.clipboard is undefined background.js:533

navigator.clipboard is undefined  background.js:533

            <anonym> moz-extension://a7e90cc9-3dbe-4296-a62d-5b0ce53f7c50/background.js:533:5

            apply self-hosted:4294:5

            applySafeWithoutClone resource://gre/modules/ExtensionCommon.jsm:304:16

            applySafe resource://gre/modules/ExtensionCommon.jsm:291:14

            sync resource://gre/modules/ExtensionCommon.jsm:1797:18

            listener/< chrome://browser/content/ext-c-menus.js:168:41

            withHandlingUserInput resource://gre/modules/ExtensionUtils.jsm:130:12

            listener chrome://browser/content/ext-c-menus.js:167:13

            apply self-hosted:4294:5

            applySafeWithoutClone resource://gre/modules/ExtensionCommon.jsm:304:16

            fire resource://gre/modules/ExtensionChild.jsm:881:28

            receiveMessage resource://gre/modules/ExtensionChild.jsm:884:38

            _callHandlers/< resource://gre/modules/MessageChannel.jsm:864:17

            _callHandlers resource://gre/modules/MessageChannel.jsm:863:14

            _handleMessage/deferred.promise< resource://gre/modules/MessageChannel.jsm:938:7

            _handleMessage resource://gre/modules/MessageChannel.jsm:935:24

            _handleMessage self-hosted:978:17

            receiveMessage/< resource://gre/modules/MessageChannel.jsm:208:9

            forEach self-hosted:261:13

            receiveMessage resource://gre/modules/MessageChannel.jsm:201:5

Do you know more about it?