Skip to content
Go to file


Build Status CodeFactor Coverage Status


Mitaka is a browser extension for OSINT (open source intelligence) search which can:

  • Extract & refang IoCs (indicators of compromise) from a selected block of text.
    • E.g. example[.]com to, test[at] to, hxxp:// to, etc.
    • You can find all the refang techniques at here.
  • Search / scan it on various engines.
    • E.g. VirusTotal,, Censys, Shodan, etc.



Supported IoCs

name desc. e.g.
text Freetext any string(s)
asn ASN AS13335
btc BTC address 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
cve CVE number CVE-2018-11776
domain Domain name
email Email address
eth Ethereum address 0x32be343b94f860124dc4fee278fdcbd38c102d88
gaPubID Google Adsense Publisher ID pub-9383614236930773
gaTrackID Google Analytics Tracker ID UA-67609351-1
hash md5 / sha1 / sha256 44d88612fea8a8f36de82e1278abb02f
ip IPv4 address
url URL

Supported search engines

name url supported types
AbuseIPDB ip
AnyRun hash
apklab hash (SHA256 only) url url
Auth0 ip
BGPView ip / asn
BinaryEdge ip / domain
BitcoinAbuse btc
BitcoinWhosWhos btc btc
Blockchair btc / eth
BlockCypher btc
Censys ip / domain / asn / text domain
DNSlytics ip / domain
DomainBigData ip / domain / email
DomainTools ip / domain
DomainWatch domain / email
EmailRep email
FOFA ip / domain
FortiGuard ip / url / cve
Google Safe Browsing domain / url
GreyNoise ip / domain / asn
Hashdd ip / domain / hash
Hurricane Electric ip / domain / asn
HybridAnalysis ip / domain / hash
Intelligence X ip / domain / url / email / btc
Intezer hash
IPinfo ip / asn
IPIP ip / asn
Joe Sandbox hash
MalShare hash
Maltiverse domain / hash
MalwareBazaar hash
Malwares hash
NVD cve
OOCPR email
OpenTIP hash
OTX ip / domain / hash
PublicWWW text
Pulsedive ip / domain / url / hash
RiskIQ ip / domain / email / gaTrackID
Robtex ip / domain
Scumware ip / domain / hash (MD5 only)
SecurityTrails ip / domain / email
Shodan ip / domain / asn
Sploitus cve
SpyOnWeb ip / domain / gaPubID / gaTrackID
Spyse ip / domain / asn
Talos ip / domain
ThreatConnect ip / domain / email
ThreatCrowd ip / domain / email
ThreatMiner ip / domain / hash
TIP ip / domain
URLhaus ip / domain
Urlscan ip / domain / asn / url
ViewDNS ip / domain / email
VirusTotal ip / domain / url / hash
VMRay hash
Vulmon cve
VulncodeDB cve
VxCube ip / domain / hash
WebAnalyzer domain
X-Force Exchange ip / domain / hash
ZoomEye ip

Supported scan engines

name url supported types
Browserling url
HybridAnalysis url
Urlscan ip / domain / url
VirusTotal url

How to use

This browser extension shows context menus based on a type of IoC you selected and then you can choose what you want to search / scan on.




Also, there is a how-to article about Mitaka which is written by Null Byte.


Please set your API keys in the options for enabling HybridAnalysis, and VirusTotal scans.


You can enable / disable a search engine on the options page based on your preference.


About Permissons

This browser extension requires the following permissions.

  • Read and change all your data on the websites you visit:
    • This extension creates context menus dynamically based on what you select on a website.
    • It means this extension requires reading all your data on the websites you visit. (This extension doesn't change anything on the websites)
  • Display notifications:
    • This extension makes a notification when something goes wrong.

I don't (and will never) collect any information from the users.

Privacy Policy

Alternatives or Similar Tools


Read the contribution guide and join the contributors.

You can’t perform that action at this time.