CRX id
dfdkkcaejkpihbcleifndpbeijonccfo
dfdkkcaejkpihbcleifndpbeijonccfo
Description from extension meta
An extension that extracts IOCs like URLs, IPv4s, filenames, MD5, SHA1, SHA256 hashes, and submits them to threat intel platform
Image from store
Description from store
Detailed Description:
Extract Indicators of Compromise (IOCs) directly from web pages and seamlessly submit them to your Threat Intelligence (TI) platform. Supports URLs, IP addresses, filenames, MD5, SHA1, and SHA256 hashes.
Currently compatible with MISP, with more platforms planned in future updates.
Features:
• Extract IOCs such as URLs, IPv4 addresses, filenames, MD5, SHA1, and SHA256 hashes from any webpage.
• Automatically categorize and display extracted IOCs.
• Download IOCs as a plain text file.
• Submit extracted IOCs directly to your MISP instance.
• Simple configuration to integrate with MISP.
• Plans to support additional TI platforms in future releases.
How To Use:
• Install the extension and open any web page.
• Hover over the extension icon to activate and begin IOC extraction.
• Choose between:
• Downloading extracted IOCs as a text file.
Submitting IOCs to your MISP instance:
Before submitting to MISP, update the extension settings:
MISP URL (e.g., https://your-misp-instance.com)
API Key (generate this from your MISP account settings)
MISP Configuration Notes (for submission)
If you encounter a network error while submitting to MISP, it may be due to CORS restrictions.
To resolve this:
Open the MISP configuration file:
/var/www/MISP/app/Config/config.php
Update the setting:
“check_sec_fetch_site_header”→ false
This will help avoid CORS-related submission issues.