ThreatPinch Lookup – Enhancing Cybersecurity Investigations Through Automated Tooltips

ThreatPinch Lookup creates informational tooltips when hovering oven an item of interest on any website.

It helps speed up security investigations by automatically providing relevant information upon hovering over any IPv4 address, MD5 hash, SHA2 hash, and CVE title.

It’s designed to be completely customizable and work with any rest API.

Current IOC Support

• IPv4
• MD5
• SHA1
• SHA2
• CVE
• FQDN (EFQDN is for Internet FQDN, IFQDN is for internal domains)
• Bitcoin
• Email
• URL
• Add your own in the options with regex!

Current Integrations

• ThreatMiner for IPv4, Email, FQDN, MD5, SHA1 and SHA2 lookups.
• Alienvault OTX for IPv4, CVE, MD5, SHA1 and SHA2 lookups.
• IBM XForce Exchange for IPv4, EFQDN lookups.
• VirusTotal for MD5, SHA1, SHA2, URL and FQDN lookups.
• Cymon.io for IPv4 lookups.
• ThreatCrowd for IPv4, FQDN and MD5 lookups.
• CIRCL (Computer Incident Response Center Luxembourg) for CVE lookups.
• PassiveTotal for FQDN Whois lookups.
• MISP for MD5 and SHA2 (If you want more submit an issue in this github).
• Censys.io for IPv4 lookups.
• Shodan for IPv4 lookups.
• ZoomEye for IPv4 lookups.
• BlockChain.info for Bitcoin lookups.
• Bitcoin Whos Who for Bitcoin lookups.
• BTC for Bitcoin lookups.
• PulseDive for IPv4, FQDN and URL lookups.
• Recorded Future for IPv4, FQDN, MD5, SHA1 and SHA2 lookups.
• Google Safe Browsing for URL lookups.
• Have I Been Pwned for Email lookups.
• Add your own in the developers options page!

For more information click here.