cloudtracer / ThreatPinchLookup

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
https://chrome.google.com/webstore/detail/threatpinch-lookup/ljdgplocfnmnofbhpkjclbefmjoikgke
362 stars 80 forks source link
alienvault censys cert chrome-extension circl cve dfir ibm-xforce incident-response misp osint passivetotal security shodan threat-hunting threat-sharing threatintel threatminer virustotal whois

ThreatPinch Lookup

Introduction

ThreatPinch Lookup creates informational tooltips when hovering oven an item of interest on any website. It helps speed up security investigations by automatically providing relevant information upon hovering over any IPv4 address, MD5 hash, SHA2 hash, and CVE title. It’s designed to be completely customizable and work with any rest API.

A sample of the type of data that can be displayed when hovering over an IPv4 address.

See it in action on Cisco Talos Blog.

Search and pivot using the graph

Current IOC Support

Current Integrations

Need a new integration?

Support

Check out the Wiki for documentation.

Please log an issue with any questions/comments. We'll respond as soon as possible.

Follow @ThreatPinch on Twitter.

Youtube channel with Demos.

Chrome Web Store

You can download the ThreatPinch Lookup extension directly from the Chrome Web Store.

ThreatPinch Lite is also available which has all the API lookups of ThreatPinch, but without the on hover injection code. ThreatPinch Lite relies on only the highlight right click search, and requires only permissions to make request to APIs which do not allow CORS requests.

How can I contribute/help ThreatPinch Lookup?

The best way to help or contribute to this project is to share any custom integrations you create with the community! Otherwise positive reviews and feedback in the Chrome Web Store and Product Hunt would be greatly appreciated!

Where is my data stored?

There is no backend server or database for ThreatPinch Lookup. All data is stored in locally used PouchDB databases. It all exists in your browser. Previously Chrome remote storage was used for some configuration items, this proved too challenging due to limitations on the storage. Going forward the Pouch databases will allow for some more interesting functionality.

Optionally, in the developers options you can configure a CouchDB server to sync your API responses with. See the Wiki for more details.

Firefox build?

If you are desperate for the Firefox build of ThreatPinch Lookup I've made it temporarily available here, just click install then ignore all the security warnings like a good security pro.

Release Notes