Mitaka : A Browser Extension For OSINT Search

Mitaka is a browser extension for OSINT search which can:

  • Extract & refang IoC from a selected block of text.
    • E.g. example[.]com to example.com, test[at]example.com to test@example.com, hxxp://example.com to http://example.com, etc.
  • Search / scan it on various engines.
    • E.g. VirusTotal, urlscan.io, Censys, Shodan, etc.

Features

Supported IOC types

namedesc.e.g.
textFreetextany string(s)
ipIPv4 address8.8.8.8
domainDomain namegithub.com
urlURLhttps://github.com
emailEmail addresstest@test.com
asnASNAS13335
hashmd5 / sha1 / sha25644d88612fea8a8f36de82e1278abb02f
cveCVE numberCVE-2018-11776
btcBTC address1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
gaPubIDGoogle Adsense Publisher IDpub-9383614236930773
gaTrackIDGoogle Analytics Tracker IDUA-67609351-1

Also Read – Act Platform : Open Platform For Collection & Exchange Of Threat Intelligence Information

Supported search engines

nameurlsupported types
AbuseIPDBhttps://www.abuseipdb.comip
archive.orghttps://archive.orgurl
archive.todayhttp://archive.fourl
BGPViewhttps://bgpview.ioip / asn
BinaryEdgehttps://app.binaryedge.ioip / domain
BitcoinAbusehttps://www.bitcoinabuse.combtc
Blockchain.comhttps://www.blockchain.combtc
BlockCypherhttps://live.blockcypher.combtc
Censyshttps://censys.ioip / domain / asn / text
crt.shhttps://crt.shdomain
DNSlyticshttps://dnslytics.comip / domain
DomainBigDatahttps://domainbigdata.comdomain
DomainToolshttps://www.domaintools.comip / domain
DomainWatchhttps://domainwat.chdomain / email
EmailRephttps://emailrep.ioemail
FindSubDomainshttps://findsubdomains.comdomain
FOFAhttps://fofa.soip / domain
FortiGuardhttps://fortiguard.comip / url / cve
Google Safe Browsinghttps://transparencyreport.google.comdomain / url
GreyNoisehttps://viz.greynoise.ioip / domain / asn
Hashddhttps://hashdd.comip / domain / hash
HybridAnalysishttps://www.hybrid-analysis.comip / domain / hash (sha256 only)
Intelligence Xhttps://intelx.ioip / domain / url / email / btc
IPinfohttps://ipinfo.ioip / asn
IPIPhttps://en.ipip.netip / asn
Joe Sandboxhttps://www.joesandbox.comhash
MalSharehttps://malshare.comhash
Maltiversehttps://www.maltiverse.comdomain / hash
NVDhttps://nvd.nist.govcve
OOCPRhttps://data.occrp.orgemail
ONYPHEhttps://www.onyphe.ioip
OTXhttps://otx.alienvault.comip / domain / hash
PubDBhttp://pub-db.comgaPubID / gaTrackID
PublicWWWhttps://publicwww.comtext
Pulsedivehttps://pulsedive.comip / domaion / url / hash
RiskIQhttp://community.riskiq.comip / domain / email / gaTrackID
SecurityTrailshttps://securitytrails.comip / domain / email
Shodanhttps://www.shodan.ioip / domain / asn
Sploitushttps://sploitus.comcve
SpyOnWebhttp://spyonweb.comip / domain / gaPubID / gaTrackID
Taloshttps://talosintelligence.comip / domain
ThreatConnecthttps://app.threatconnect.comip / domain / email
ThreatCrowdhttps://www.threatcrowd.orgip / domain / email
ThreatMinerhttps://www.threatminer.orgip / domain / hash
TIPhttps://threatintelligenceplatform.comip / domain
Urlscanhttps://urlscan.ioip / domain / asn / url
ViewDNShttps://viewdns.infoip / domain / email
VirusTotalhttps://www.virustotal.comip / domain / url / hash
Vulmonhttps://vulmon.comcve
VulncodeDBhttps://www.vulncode-db.comcve
VxCubehttp://vxcube.comip / domain / hash
WebAnalyzerhttps://wa-com.comdomain
We Leak Infohttps://weleakinfo.comemail
X-Force Exchangehttps://exchange.xforce.ibmcloud.comip / domain / hash
ZoomEyehttps://www.zoomeye.orgip

Supported scan engines

nameurlsupported types
Urlscanhttps://urlscan.ioip / domain / url
VirusTotalhttps://www.virustotal.comurl

Downloads

How to use?

This browser extension shows context menus based on a type of IoC you selected and then you can choose what you want to search / scan on.

Examples:

Note:

Please set your urlscan.io & VirusTotal API keys in the options page for enabling urlscan.io & VirusTotal scans.

Options

You can enable / disable a search engine on the options page based on your preference.

About Permissons

This browser extension requires the following permissions.

  • Read and change all your data on the websites you visit:
    • This extension creates context menus dynamically based on what you select on a website.
    • It means this extension requires reading all your data on the websites you visit. (This extension doesn’t change anything on the websites)
  • Display notifications:
    • This extension makes a notification when something goes wrong.

I don’t (and will never) collect any information from the users.

How to build (for developers)

This browser extension is written in TypeScript and built by webpack.

TypeScript files will start out in src directory, run through the TypeScript compiler, then webpack, and end up in JavaScript files in dist directory.

git clone https://github.com/ninoseki/mitaka.git
cd mitaka
npm install
npm run test
npm run build

Download
R K

Share
Published by
R K
Tags: BrowserExtensionMitakaOSINT
6 years ago

Recent Posts

How UDP Works and Why It Is So Fast

When people ask how UDP works, the simplest answer is this: UDP sends data quickly…

2 hours ago

How EDR Killers Bypass Security Tools

Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…

4 days ago

AI-Generated Malware Campaign Scales Threats Through Vibe Coding Techniques

A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…

4 days ago

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

4 days ago

Fake VPN Download Trap Can Steal Your Work Login in Minutes

People trying to securely connect to work are being tricked into doing the exact opposite.…

5 days ago

This Android Bug Can Crack Your Lock Screen in 60 Seconds

A newly disclosed Android vulnerability is making noise for a good reason. Researchers showed that…

1 week ago