All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- files.ninja web resource
- PSBDMP web resource
- Spur tool for IP addresses
- Cloudflare Radar tool
- SiceHice web resource
- IBM X-Force Exchange web resource
- PhishTank web resource
- Snyk web resource for vulnerabilities lookup
- ioc[.]one web resource
- Change local storage management APIs
- Remove Polifyll library
- Minor changes to make porting to Chrome possible
- Minor stylesheets bugs
- Minor bugs
- Text animation to display entire tool names when they are too long
- Option to disable the typing animation of indicators in text fields
- Exact string search for GitHub resource
- Investigate option in context menu to send indicators to the popup
- Option in the context menu to add selected text as a node to the graph
- Option to filter tools that support auto-graph generation
- Option to filter tools that do not require user interactions
- Option to filter tools that do not require accounts
- Button to filter tools by name
- Icon to mark the tools that support the automatic graph population feature
- Icon to mark the tools that require user interaction
- Icon to mark the tools that require an account
- Popup box to show content of Note nodes
- Filtering for collected indicators based on value
- Updated browser-polyfill library
- Speed up typing animation
- Shrink the history drop-down menu
- Removed tools from context menu
- Removed phone numbers format conversion when collecting indicators. Make the conversion only when the user submits a collected phone number indicator for investigations.
- UI improvements in graph page
- Improve indicators detection
- Popup UI improvements
- Urlscan visibility scan selection
- Indicators collection on web pages containing private IP addresses
- MAC Address form in graph page
- Filtering by tool name when other filters are active
- Filtering by tool tags when other filters are active
- Filtering by tool name
- Saving and restoring tag filtering
- Bug that prevented tags from being added to custom tools
- Graphical bug when the textarea is resized in the forms on the graph page
- Gray background when a relationship is added from popup
- Bug that prevented the export of collected indicators
- Phone number indicator
- Autonomous System Number indicator
- Phone number and ASN indicators detection and collection
- Country flag based on phone number's dial code
- Templates to speed up custom resources creation
- Custom resources export option
- CVE Details resource for CVEs
- Exploit Database resource for CVEs
- IP Quality Score resource for phone number lookup
- Google Trends resource
- Poc-In-Github resource for CVEs
- Rapid7 Vulnerability & Exploit database resource
- HudsonRock resource
- HackerTarget DNS Lookup, Whois Lookup, Banner Grabbing, Extract links, HTTP Header check and Wappalyzer/WhatWeb Scan
- CISA KEV Catalog resource
- Emobile Tracker resource
- Sync.me and Truecaller resources
- CIRCL.LU vulnerability lookup
- OpenCVE resource
- BGPView resource
- RIPE Database resource
- Greensnow resource for IP addresses
- SecureFeed resource for IP and domains
- Search operator "tool:" to filter by tool
- Show country name on hovering flag
- Show release notes on update
- Custom resources page UI
- Rename Twitter to X
- Update Netcraft logo and color
- Improve popup look (font and colors)
- Improve resource icons
- Add lookup for ASN and Phone in Pulsedive
- Addon update detection
- Autofill input field detection logic
- Search operator for filtering by tool from "+" to "!"
- Domain extraction from email address
- Button name in add relationship prompt in graph page
- Accept URLs containing IP address and port
- Custom tools loading
- Delete node in graph from popup
- Remove flag from the input field when the indicator is removed
- Several fixes in custom resources page
- Tool search operator
- STIX support in the graph tool
- More options and features for graphs
- New graph engine (Vis Network)
- New graph page UI
- JoeSandbox URL
- Automatic graph generation
- Threatbook CTI resource for domains and IP addresses
- Info boxes on setting items
- Graph UI
- Settings menu
- Minor fixes
- Spam Database Lookup resource
- Project Honeypot resource
- Removed Checkphish Lookup resource (no more available)
- Update d3 library to version 7.8.5
- Checkphish scan
- FortiGuard web filter lookup
- Popup loading bug whem auto catching is enabled
- Graph
- Censys URL (Certificates and Host)
- Added domain for Censys Host resource
- Tools first loading bug in context menu
- Web Check resource for domains and urls
- Hunter.how resource for domains and ip addresses
- Field auto-fill for web resources that support only post requests
- Bin icon to clean indicators list and show the popup main screen
- SSLShopper tool for TLS certificate lookup
- Digicert TLS certificate validator
- The catch option in the search bar will no longer show the list of the indicators found but only their occurrences
- Settings option to disable indicators auto catching feature
- GitHub icon
- Base64 encoding for URL parameters
- FOFA search engine
- Defanged email regex recursion
- PolySwarm sandbox web resource
- Email regex does not accept upper case and special characters (%+-)
- New popup main page reporting the number of indicators for each type found in the current visiting webpage
- Each button on the popup main page can be clicked to display indicators of the corresponding type
- Defanged indicators detection and collection from the current visiting webpage
- Twitter, Leakpeek, DNS History, BreachDirectory, Phishunt, CleanTalk resources
- Improved support for defanged indicators
- Removed badge text when the indicators count is 0
- Removed ThreatCrowd (service no more available)
- Tools list loading at startup
- Indicators counting when a page is first loaded in a new tab
- Acceptance of IP addresses with a 0 at the beginning of one or more octects
- Bug: the number in the badge text is not being updated when a new page is loaded
- Bug: undefined country flag when a domain is selected from the list of indicators collected with catch
- Badge text that automatically reports the number of indicators found on the web page opened in the current tab
- Lupovis web resource for IP reputation
- DOCGuard web resource for malware hash lookup
- Hash search for InQuest resource
- "Beta" notation to the version that appears in the popuo
- Hunt feature icon and name to "Catch"
- Removed addon name from popup splash screen
- Visibility of the Catch button when an input entry is selected from the history
- BuiltWith tool entry's "techs" tag
- Current tab bug in Catch feature when more windows are open
- Presence of badge text when an input is entered after launching indicators Catch
- Minor fixes in the Custom Tool page
- New web resources
- PacketTotal
- Inquest Labs
- Criminalip
- New tags
- ThreatCrowd URL
- Google Safe Browsing for URL reputation check
- LeakCheck to check if an email address has been compromised in a breach
- Removed Spyse web resource, as it is unreachable
- Any.run web resource for hash analysis
- Indicators search history
- URL input field for custom tools creation
- Minor fixes
- Security Headers for headers analysis for URLs
- String replacing for Google tool
- New feature for adding custom web resources
- W3Techs web resources for domain technologies lookup
- MultiRBL.valli.org lookup tool (WHOIS & DNSBL)
- bgp.tools lookup tool for IP address (WHOIS & DNS)
- Censys certificates and hosts lookup
- Filtering by tool name, using special character '+' in the search bar
- Indicators list download
- Removed Alexa (End of service on May 1st 2022)
- Defanged domain and URL regex
- Favorites handling
- Filtering by type for indicators collected through hunt feature.
- LeakIX web resources for IPs and domains (Leak and Services lookup)
- Deletion of indicator from local storage when trash bin icon is clicked.
- Removing of badge text on active tab change
- Browserling icon
- CVE web resources (AttackerKB, Tenable, CVE report, Vulners)
- Greynoise resource for IP address
- Google search engine
- Hunt feature for CVEs
- Added "tls" and "whois" tag to Spyse resource
- Popup crash
- Disclaimer
- IANA whois icon
- Minor fixes
- New WHOIS tools (URLVoid Whois Lookup, Whois, EuroDNS, IANA, MX Toolbox)
- MX Toolbox resources (WHOIS, DNS Lookup, Blacklist lookup)
- Fortiguard Web Filter Lookup
- CVEs web resources (Mitre, NIST, Vulmon, GitHub, Fortiguard, Kaspersky)
- Rejection of valid defanged URL with two or more subdomains
- Censys URL request
- Autofill feature for context menu.
- Support for defanged indicators
- Input validation for domains with TLD with more than 6 characters.
- On the web pages that require human interactions to submit a query, the input text field will be automatically filled only once
- VirusTotal and Urlscan auto-submit
- Disappearing of the domain extraction icon option when closing the popup.
- BuiltWith resource for domains
- Open in new/current tab button
- Hunt! feature that let you search search all potential indicators present in the web page visible in the current active tab of the browser.
- Trash bin button to clear the input text field.
- Open in new/current tab button
- Behaviour of indicators text selection. Now only submitted indicator will be saved inside the input text field of the popup.
- Buttons icons inside the input text field.
- Settings popup appearance
- Behaviour of the domain extraction feature icon in the textfield
- Auto-submit feature for CentralOps resource (domain whois, network whois, dns)
- Removed auto-submit feature for active URL scan with urlscan.io (scans fails because of CAPTCHA errors)
- Urlscan visibility settings even without auto-submit feature enabled
- Urlscan active URL scan with auto-submit feature. Three options are available, one for each level of scan visibility provided for by urlscan.io (public, unlisted and private)
- VirusTotal active/passive URL scan with auto-submit feature
- Auto-submit is now disabled by default
- Talos Intelligence domain and IP lookup
- Minor fixes
- Added tags to web resources depending on the type of information they provide
- Added web resources filtering by tag
- Improve local storage cleaning when a add-on version updates occur
- Pop-up appearance
- Popup text field width
- Minor fixes
- Auto-submit disable/enable option
- Intezer Analyze for malicious file hash lookup
- Project structure
- Added browser-polyfill.js library
- Improved
- Hiding of web resources list when the text field is empty
- Indicator type detection when selecting text
- Feature that allows to automatically submit indicators on web resources that requires UI actions (dnsdumpster, urlvoid, hibp)
- Feature that allows to extract domain name from URL or email addresses
- BPG Hurricane resource name to Hurricane Electric
- Web Archive resource name to Wayback Machine
- Open in new tab default option
- Query for Web Archive web resource
- Settings popup
- "Open in new tab" option
- Code improvements and clean-up
- Indicator type detection when selecting text on a webpage
- SecurityTrails, ZoomEye and Spamhaus for domain and IP researches
- JoeSandbox for hash researches
- Version update bug
- Malware bazaar hash lookup
- UI appearance
- Removed JQuery
- Old cache bug when add-on is updated
- URLvoid textfield autofill
- IntelligenceX and Threat Crowd for email address lookup
- Add-on logo in the popup. Added version number.
- Error and warning message appearance.
- Tools are now alphabetically ordered.
- Fixed domain indicator detection when it contains underscores
- Support for email addresses, with five web services:
- Dehashed
- Have I Been Pwned
- CentralOps (Email Dossier)
- Hunter
- Emailrep
- New web services
- dnsdumpster
- CentralOps (Domain Dossier)
- Support for web services that requires some user interactions (such as submitting a query or solving CAPTCHA). Text fields on these web pages will be automatically filled with searched indicator.
- Indicator searched through context menu will be saved as input in the text field of the popup.
- ViewDNS tools (Whois, DNS Lookup and HTTP Headers)
- Netcraft site report tool
- Popup buttons appearance
- Checkphish Lookup tool for domains and IPs
- Checkphish Scan tool for URLs
- Popup buttons appearance
- (Temporarily) removed VirusTotal URL lookup (it was not working)
- Highlighted text can contain spaces
- Threatcrowd icon background
- Hash false positive detection in text selection
- Context menu works properly on all websites
- Web resources description
- Censys domain lookup
- VirusTotal URL lookup
- urlscan liveshot for URLs
- urlscan IP lookup
- Threatcrowd web resource (for domains and IPs)