mitaka v2.0 releases: OSINT friendly IOC (Indicator of Compromise) search tool

by do son · Published August 3, 2019 · Updated February 26, 2024

Mitaka

Mitaka is an OSINT friendly IOC (Indicator of Compromise) search tool.

It works as a Chrome extension and it makes it possible to search/scan IOC via the context menu.

name	desc.	eg.
text	freetext	any string(s)
ip	IPv4 address	8.8.8.8
domain	domain name	github.com
url	URL	https://github.com
email	Email address	test@test.com
asn	ASN	AS13335
hash	md5 / sha1 / sha256	44d88612fea8a8f36de82e1278abb02f
cve	CVE number	CVE-2018-11776
btc	BTC address	1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
gaPubID	Google Adsense Publisher ID	pub-9383614236930773
gaTrackID	Google Analytics Tracker ID	UA-67609351-1

name	url	supported types
BGPView	https://bgpview.io	ip / asn
BlockCypher	https://live.blockcypher.com	btc
Censys	https://censys.io	text
Cymon	https://cymon.io	ip / domain
DNSlytics	https://dnslytics.com	ip / domain
DomainBigData	https://domainbigdata.com	domain
DomainWatch	https://domainwat.ch	domain / email
FOFA	https://fofa.so	ip / domain
FindSubDomains	https://findsubdomains.com	domain
HybridAnalysis	https://www.hybrid-analysis.com	ip / domain / hash (sha256 only)
Intelligence X	https://intelx.io	ip / domain / url / email / btc
ONYPHE	https://www.onyphe.io	ip
OTX	https://otx.alienvault.com	ip / domain / hash
Pipl	https://pipl.com	email
PubDB	http://pub-db.com	gaPubID / gaTrackID
PublicWWW	https://publicwww.com	text
Pulsedive	https://pulsedive.com	ip / domaion / url / hash
RiskIQ	http://community.riskiq.com	ip / domain / email
SecurityTrails	https://securitytrails.com	ip / domain
Shodan	https://www.shodan.io	text
Sploitus	https://sploitus.com	cve
SpyOnWeb	http://spyonweb.com	ip / domain / gaPubID / gaTrackID
Talos	https://talosintelligence.com	ip / domain
ThreatCrowd	https://www.threatcrowd.org	ip / domain / email
Urlscan	https://urlscan.io	ip / domain / url
ViewDNS	https://viewdns.info	ip / domain / email
VirusTotal	https://www.virustotal.com	ip / domain / url / hash
Vulmon	https://vulmon.com	cve
WebAnalyzer	https://wa-com.com/	domain
X-Force Exchange	https://exchange.xforce.ibmcloud.com	ip / domain / hash
ZoomEye	https://www.zoomeye.org	ip

You can enable / disable a search engine via the extension’s options.

name	url	supported types
Urlscan	https://urlscan.io	ip / domain / url
VirusTotal	https://www.virustotal.com	url

The options schema has been changed and you may need to update the options via the options page.

https://chrome.google.com/webstore/detail/mitaka/bfjbejmeoibbdpfdbmbacmefcbannnbg

How to build (for developers)

git clone https://github.com/ninoseki/mitaka.git
cd mitaka
npm install
npm run test
npm run build

The Chrome extension shows context menus based on a type of IOC you selected and then you can choose what you want to search / scan on.

Examples:

Note:

urlscan.io scan:
- Please set your urlscan.io API key via the options if you want to make a scan.
VirusTotal scan:
- Please set your VirusTotal API key via the options if you want to make a scan.

You can enable / disable a search engine in the options page based on your preference.

This Chrome extension requires following permissions.

Read and change all your data on the websites you visit:
- This extension creates context menus dynamically based on what you select on a website.
- It means this extension requires reading all your data on the websites you visit. (This extension doesn’t change anything on the websites)
Display notifications:
- This extension makes a notification when something goes wrong.