Closed cicakdinding01 closed 6 years ago
Hi @cicakdinding01,
You are correct. In the last release we moved to a JSONPath solution to allow for more complex filtering, and we deprecated the old loop conditional methods as they relied on an eval-type method, which was kind of safe (maybe? it was the Google templated strings solution); however, the Firefox reviewers didn't like it. But this new method is much safer and more powerful in some ways.
The VirusTotal responses kind of suck in terms of JSON formatting, since they use dynamic properties to hold the name of the AV detections, and it's harder to get the names of the parent-level object in JSONPath.
You raise a valid point though, it was nice being able to see the AV detection names.
I've put a demo of what I was thinking it could look like with the AV detection names. I'd like to keep it on a single line CSV format since it makes better use of the long white space with the hash lookups.
Take a look and let me know what you think.
Hi,
Thanks for the reply, appreciate it.
What you show below would do for the hover tool tip - at least the analyst knows that there is coverage for an individual indicator.
However, for bulk search, finding out what is the name of the detection would be slightly challenging e.g. to find the F-Secure detection name, one would have to count to the 13th entry. Imagine doing this for 600+ times for 600+ indicators! Hint: US CERT FallChild or HiddenCobra IOC.
But good stuff, we should link up for more expansion, my intern is working on API queries from 2 commercial TI providers for our TIP integration, once it's ready I'll see how to port them over to ThreatPinch. It's still API queries anyway, just formatted differently.
Regards,
CD
-------- Original Message -------- On February 8, 2018 8:56 PM, cloudtracer notifications@github.com wrote:
Hi @cicakdinding01,
You are correct. In the last release we moved to a JSONPath solution to allow for more complex filtering, and we deprecated the old loop conditional methods as they relied on an eval-type method, which was kind of safe (maybe? it was the Google templated strings solution); however, the Firefox reviewers didn't like it. But this new method is much safer and more powerful in some ways.
The VirusTotal responses kind of suck in terms of JSON formatting, since they use dynamic properties to hold the name of the AV detections, and it's harder to get the names of the parent-level object in JSONPath.
You raise a valid point though, it was nice being able to see the AV detection names.
I've put a demo of what I was thinking it could look like with the AV detection names. I'd like to keep it on a single line CSV format since it makes better use of the long white space with the hash lookups.
Take a look and let me know what you think.
Very cool. If you guys do end up creating some custom queries that might be useful please share them here! The share button on the lookups will generate a url with user defined stuff like api key set to prompt the user for that information.
If you are doing large sets of bulk lookups, you might want to consider just having your plugin sync to a CouchDB server. Once the data is in there you can slice and dice it more easily, plus it gets the data out of the browser.
Some old documentation regarding it https://github.com/cloudtracer/ThreatPinchLookup/wiki/1.3-CouchDB-Sync
Not sure how many people use it, but we use it :)
Anyways, the updates were pushed out in 2.0.21 which should be available soon. Happy to link up and discuss ThreatPinch related items anytime.
If you are attached to the old look of the virustotal lookups, you can always disable the default lookups and create your own.
I put this together pretty quickly, and the ${PINCH.LOOPPARENTNAME} and ${PINCH.LOOPPARENTS} will be properly exposed in 2.0.22 which I'm pushing now.
You can add the SHA2 one I put together here (but you'll need to wait till you have 2.0.22 till it will work). chrome-extension://ljdgplocfnmnofbhpkjclbefmjoikgke/src/options/wizard.html?RL=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
Hi CloudTracer, have finished a new integration.
Can I check how do I pass the code to you to update the chrome webstore extension?
Thanks.
Hey @cicakdinding01 very cool.
In the ThreatPinch Settings page every lookup has a "Share" button which will produce a url that can be shared. The URL will have all the user defined settings set to their defaults (api key, api user, etc). Just click the share button, make sure you haven't accidentally exposed any of your API keys and then you can post the URL here in this thread.
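An added example, not part of the original comments and not ThreatPinch's own code: one way to check a share URL for embedded credentials before posting it. The field names (`userDefined`, `httpHeaders`, `lookupUrl`) and the `YOURDATAHERE` placeholder are taken from decoding a share URL posted in this thread; the function names, the credential-name patterns and the sample payloads are constructed for illustration.

```javascript
// Added example: audit a ThreatPinch share URL before posting it publicly.
// Assumption: RL= carries base64-encoded JSON, as in the share URL in this thread.
const PLACEHOLDER = "YOURDATAHERE"; // default seen in the decoded share URL
const TEMPLATE_REF = /^\$\{PINCH\.[^}]+\}$/; // e.g. ${PINCH.USERDEFINED.api_key.value}
const CRED_NAME = /auth|token|key|secret|cookie/i; // heuristic, constructed

// Extract and decode the JSON lookup definition from the RL= parameter.
function decodeShareUrl(shareUrl) {
  const m = /[?&]RL=([^&#]+)/.exec(shareUrl);
  if (!m) throw new Error("no RL parameter in share URL");
  const json = Buffer.from(decodeURIComponent(m[1]), "base64").toString("utf8");
  return JSON.parse(json);
}

// Report fields holding a literal where a placeholder or ${PINCH...} reference
// is expected. Findings name the field only; the value is never echoed.
function auditShareUrl(shareUrl) {
  const cfg = decodeShareUrl(shareUrl);
  const findings = [];
  for (const [name, field] of Object.entries(cfg.userDefined || {})) {
    const value = field && field.value;
    if (typeof value === "string" && value !== "" && value !== PLACEHOLDER) {
      findings.push(`userDefined.${name} holds a literal value`);
    }
  }
  for (const [header, value] of Object.entries(cfg.httpHeaders || {})) {
    if (CRED_NAME.test(header) && !TEMPLATE_REF.test(String(value))) {
      findings.push(`httpHeaders.${header} holds a literal value`);
    }
  }
  const q = /[?&](?:api_?key|token|key)=([^&#]+)/i.exec(cfg.lookupUrl || "");
  if (q && !TEMPLATE_REF.test(q[1])) findings.push("lookupUrl carries a literal credential");
  return findings;
}

// Constructed samples: EXTENSION_ID and api.example.test are placeholders.
function buildShareUrl(cfg) {
  const b64 = Buffer.from(JSON.stringify(cfg), "utf8").toString("base64");
  return "chrome-extension://EXTENSION_ID/src/options/wizard.html?RL=" + encodeURIComponent(b64);
}
const base = {
  lookupName: "Example Lookup",
  userDefined: { api_key: { title: "API Key", value: PLACEHOLDER } },
  lookupUrl: "https://api.example.test/v2/hash/${PINCH.HOVERITEM}",
  httpHeaders: { "X-Example-Token": "${PINCH.USERDEFINED.api_key.value}" },
};
const SAFE_URL = buildShareUrl(base);
const LEAKY_URL = buildShareUrl({ ...base,
  userDefined: { api_key: { title: "API Key", value: "constructed-not-a-real-key" } },
  lookupUrl: "https://api.example.test/report?apikey=constructed-not-a-real-key" });
```

An empty findings list means only that these three places hold placeholders or template references; a key pasted into some other field would still need a manual look at the decoded JSON.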
Recorded Future IP Lookup chrome-extension://ljdgplocfnmnofbhpkjclbefmjoikgke/src/options/wizard.html?RL=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
Recorded Future SHA2 Lookup chrome-extension://ljdgplocfnmnofbhpkjclbefmjoikgke/src/options/wizard.html?RL=eyJsb29rdXBOYW1lIjoiUmVjb3JkZWQgRnV0dXJlIFNIQTIgUmlzayBMaXN0IiwidXNlckRlZmluZWQiOnsiYXBpX2tleSI6eyJ0aXRsZSI6IkFQSSBLZXkiLCJ2YWx1ZSI6IllPVVJEQVRBSEVSRSJ9fSwibG9va3VwVmFyaWFibGUiOiJSRUNPUkRFREZVVFVSRVNIQTJSSVNLTElTVCIsImxvb2t1cFR5cGUiOiJTSEEyIiwibG9va3VwVXJsIjoiaHR0cHM6Ly9hcGkucmVjb3JkZWRmdXR1cmUuY29tL3YyL2hhc2gvJHtQSU5DSC5IT1ZFUklURU19P2ZpZWxkcz1pbnRlbENhcmQlMkNyaXNrJTJDdGhyZWF0TGlzdHMmbWV0YWRhdGE9dHJ1ZSIsImh0dHBIZWFkZXJzIjp7IlgtUkZUb2tlbiI6IiR7UElOQ0guVVNFUkRFRklORUQuYXBpX2tleS52YWx1ZX0ifSwiaHR0cFR5cGUiOiJHRVQiLCJkYXRhVHlwZSI6IkpTT04iLCJkYXRhU2NoZW1hIjp7IjBfUmVjb3JkZWQgRnV0dXJlIFNIQTIgUmlzayBMaXN0Ijp7InRpdGxlIjoiUmVjb3JkZWQgRnV0dXJlIFNIQTIgUmlzayBMaXN0IiwibWFwcGluZyI6IiR7UElOQ0guTElOS1VSTH0iLCJvcmRlciI6MCwibGlua1RpdGxlIjoiKENsaWNrIEhlcmUgZm9yIEludGVsIENhcmQpIiwibGlua1VybCI6Imh0dHBzOi8vYXBwLnJlY29yZGVkZnV0dXJlLmNvbS9saXZlL3NjL2VudGl0eS9oYXNoJTNBJHtQSU5DSC5IT1ZFUklURU19In0sIjFfUmlzayI6eyJ0aXRsZSI6IlJpc2siLCJtYXBwaW5nIjoiJHtQSU5DSC5SRVNQT05TRS5kYXRhLnJpc2suY3JpdGljYWxpdHlMYWJlbH0iLCJvcmRlciI6MX0sIjJfUmlzayBSdWxlIjp7InRpdGxlIjoiUmlzayBSdWxlIiwibWFwcGluZyI6IiR7UElOQ0guUkVTUE9OU0UuZGF0YS5yaXNrLnJpc2tTdW1tYXJ5fSIsIm9yZGVyIjoyfSwiM19SaXNrIENyaXRpY2FsaXR5Ijp7InRpdGxlIjoiUmlzayBDcml0aWNhbGl0eSIsIm1hcHBpbmciOiIke1BJTkNILlJFU1BPTlNFLmRhdGEucmlzay5yaXNrU3RyaW5nfSIsIm9yZGVyIjozfSwiNF9SaXNrIFNjb3JlIjp7InRpdGxlIjoiUmlzayBTY29yZSIsIm1hcHBpbmciOiIke1BJTkNILlJFU1BPTlNFLmRhdGEucmlzay5zY29yZX0iLCJvcmRlciI6NH19LCJkaXNhYmxlZCI6ZmFsc2UsImlvY3MiOmZhbHNlLCJhdXRob3JpemF0aW9uVHlwZSI6IkRFRkFVTFQiLCJyZXF1ZXN0R3JvdXAiOiJJTlRFUk5FVCIsInNhbXBsZSI6ImJkNzIxOWZiYzY1NmM5ODMzZmFlMmVmMTY3MGY0YTQ0NjdmZDQ2NDc1ZTMxZjJhMjk5ZWUxNWVjYjcwY2JiYjMiLCJvcmRlciI6NDN9
Recorded Future MD5 Lookup chrome-extension://ljdgplocfnmnofbhpkjclbefmjoikgke/src/options/wizard.html?RL=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
Recorded Future SHA1 Lookup chrome-extension://ljdgplocfnmnofbhpkjclbefmjoikgke/src/options/wizard.html?RL=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
Recorded Future FQDN Lookup chrome-extension://ljdgplocfnmnofbhpkjclbefmjoikgke/src/options/wizard.html?RL=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
OK, so these are the 5 that are done. Can I check if you are able to package this up to the Chrome extension in the web store, so that this can be included in all subsequent ThreatPinch extension downloads / updates?
Thanks!
We noticed that recently, the VirusTotal Hover Tool Tip & Bulk Search results no longer show the AV product names.
In the past, the AV product name AND the detection name were shown. Now this only shows the detection name.
The display of the AV product name in the VT Hover ToolTip is useful as we can do a quick check whether a specific AV product covers the detected IOC, e.g. a hash, or reported a specific IP previously.
Without the detection name, we have to actually click on every hash from the bulk search windows, one hash at a time, to check the AV detection coverage for every hash. This is very laborious and is the original problem why we use ThreatPinch.
Kindly assist please, thank you. See attached screenshots to illustrate this issue.