Creates on hover tooltips for every website for IPv4, MD5, SHA2, CVE or any custom IOC you define. Designed to work with any API, customization encouraged. Its the infosec threat and OSINT swiss army knife for your browser. Investigate less by taking your context with you.
Documentation here: https://github.com/cloudtracer/ThreatPinchLookup/wiki
- Add your own IOC's by setting your own Look up type via regex
- Create your own data connections, maybe add a data connection for your asset portal
- Sync your data requests with a CouchDB
- Filter look up requests so that you aren't looking up your own assets in online tools.
- Supports defanged IOCs
- Bulk IOC searching!
Out of the box integrations with:
- ThreatMiner for IPv4, FQDN, MD5, SHA1 and SHA2 lookups
- Alienvault OTX for IPv4, MD5, SHA1 and SHA2 lookups
- IBM X-Force Exchange for IPv4, FQDN lookups
- VirusTotal for MD5, SHA1, SHA2, FQDN lookups
- Cymon.io for IPv4 lookups
- ThreatCrowd for IPv4, FQDN and MD5 lookups
- Computer Incident Response Center Luxembourg (CIRCL) for CVE Lookups
- PassiveTotal for FQDN whois Lookups
- MISP for MD5 and SHA2
- Censys.io for IPv4 Lookups
- Shodan for IPv4 Lookups
- BlockChain.info for Bitcoin Lookups
- Zoomeye for IPv4 and FQDN lookups
- PulseDive for IPv4, FQDN and URL lookups
- Bitcoin Whos Who for Bitcoin lookups
- Recorded Future for IPv4, FQDN, MD5, SHA1 and SHA2 lookups
- Google Safe Browsing for URL lookups
- Have I Been Pwned for Email lookups
Some functionality not complete. ThreatPinch is still in a beta phase of testing, feedback is welcome.