Beta 0.20.0

This new version comes with several improvements and changes in the creation and management of graphs.

STIX Support

• The graphs are now based on STIX 2.1 standard (https://oasis-open.github.io/cti-documentation/stix/intro.html).
• New types of nodes that can be added to a graph:
  • New observable objects: Autonomous System, IPv6, MAC address, Network Traffic, Software and User Account
  • Domain Objects: Attack Pattern, Campaign, Course of Action, Identity, Infrastructure, Intrusion Set, Location, Malware, Malware Analysis, Note, Report, Threat Actor, Tool and Vulnerability.
• You can export the graph as a STIX Bundle JSON file.

Vis Network library for graph rendering

• Now the graph is rendered and displayed using the library Vis Network (https://github.com/visjs/vis-network), which offers more flexibility and a better look and feel of graphs.
• Additional options to customize the visualisation and behaviour of a graph
• Add graph node filtering by label

Other improvements and fixes

• Broken JoeSandbox lookup URL is solved in this release

Beta 0.19.0

This new version comes with many new feature, improvements and bug fixes for graphs. The user interface for graphs has been totally updated with a new look and feel, with new settings to customize the graph view.

A new experimental feature has been introduced that allows automatic graph generation while using the addon.

Two new resources have been added (Threatbook CTI and Cymru)

Beta 0.18.1

Add

• Spam Database Lookup resource
• Project Honeypot resource

Change

• Removed Checkphish Lookup resource (no more available)
• Update d3 library to version 7.8.5

Fix

• Checkphish scan
• FortiGuard web filter lookup
• Popup loading bug whem auto catching is enabled

Beta 0.18.0

Added

• You can now create graph during your analysis, adding indicators as nodes and relations between them. More information will be available in the Wiki section.

• Domain for Censys Host resource

Changed

• Censys URL (Certificates and Hosts)
• UI improvements

Fix

• Tools first loading bug in context menu

Beta 0.17.0

Add

• Web Check resource for domains and urls
• Hunter.how resource for domains and ip addresses

Fix

• Field auto-fill for web resources that support only post requests

Beta 0.16.0

Add

• Bin icon to clean indicators list and show the popup main screen
• SSLShopper tool for TLS certificate lookup
• Digicert TLS certificate validator

Change

• The catch option in the search bar will no longer show the list of the indicators found but only their occurrences (useful only whane auto indicators catching option is disabled)

Beta 0.15.1

Add

• Settings option to disable indicators auto catching feature

Fix

• GitHub icon

Beta 0.15.0

Add

• FOFA search engine

Fix

• Defanged email regex recursion

Beta 0.14.1

Added

• PolySwarm sandbox web resource

Fixed

• Email regex does not accept upper case and special characters (%+-)

Beta 0.14.0

Added

• New popup main page reporting the number of indicators for each type found in the current visiting webpage
  

• Twitter, Leakpeek, DNS History, BreachDirectory, Phishunt, CleanTalk resources
  
  
  
  
  

• Each button on the popup main page can be clicked to display indicators of the corresponding type

• Defanged indicators detection and collection from the current visiting webpage

Changed

• Improved support for defanged indicators
• Removed badge text when the indicators count is 0
• Removed ThreatCrowd (service no more available)

Fixed

• Tools list loading at startup
• Indicators counting when a page is first loaded in a new tab
• Acceptance of IP addresses with a 0 at the beginning of one or more octects