{"id":30774947,"url":"https://github.com/atif-c/ioc-intel","last_synced_at":"2026-04-16T00:31:39.105Z","repository":{"id":306141449,"uuid":"1025149155","full_name":"atif-c/IOC-Intel","owner":"atif-c","description":"IOC Intel is a powerful and flexible browser extension designed to streamline the investigation of Indicators of Compromise (IOCs).","archived":false,"fork":false,"pushed_at":"2025-09-27T14:49:55.000Z","size":475,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-27T16:22:38.743Z","etag":null,"topics":["chromium","firefox","ioc","osint","webextension"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/atif-c.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-07-23T19:58:07.000Z","updated_at":"2025-09-27T14:48:54.000Z","dependencies_parsed_at":"2025-08-25T15:17:54.091Z","dependency_job_id":"3e453fae-8813-4197-b8c9-141e2166b0d5","html_url":"https://github.com/atif-c/IOC-Intel","commit_stats":null,"previous_names":["atif-c/ioc-intel"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/atif-c/IOC-Intel","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atif-c%2FIOC-Intel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atif-c%2FIOC-Intel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atif-c%2FIOC-Intel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atif-c%2FIOC-Intel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/atif-c","download_url":"https://codeload.github.com/atif-c/IOC-Intel/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atif-c%2FIOC-Intel/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281738928,"owners_count":26553068,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-30T02:00:06.501Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chromium","firefox","ioc","osint","webextension"],"created_at":"2025-09-05T03:03:53.141Z","updated_at":"2026-04-16T00:31:39.065Z","avatar_url":"https://github.com/atif-c.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# IOC Intel\n\nA powerful browser extension for investigating Indicators of Compromise. Use a popup button or context menu button to analyse highlighted IOCs.\n\n## Download\n\nGet IOC Intel from your browser's extension store:\n\n-   [Firefox](https://addons.mozilla.org/en-GB/firefox/addon/ioc-intel)\n-   [Chrome](https://chromewebstore.google.com/detail/ioc-intel/nepfimakbjcpoanlcdceklibepapeann)\n-   [Edge](https://microsoftedge.microsoft.com/addons/detail/ioc-intel/iindoakkhkejhloloffajdkbdbeblnpa)\n\n## Features\n\n-   Lookup:\n\n    -   **IPv4 / IPv6 addresses**\n    -   **Hashes**: MD5, SHA-1, SHA-256\n    -   **URLs** and **domains**\n\n-   Customisable settings:\n    -   Enable/disable IOC types: IP, hash, URL\n    -   Enable/disable:\n        -   Auto-copy to clipboard\n        -   Sanitisation (e.g., `192.168.1[.]1`, `example[.]com`)\n    -   Define your own intel URLs with dynamic placeholders\n-   Opens intel links in background tabs for fast access\n\n## Supported Placeholders\n\nYou can define custom threat intel URLs with these dynamic values:\n\n| Placeholder    | Description                            |\n| -------------- | -------------------------------------- |\n| `{ip}`         | Raw IP address                         |\n| `{hash}`       | Raw hash (MD5/SHA-1/SHA-256)           |\n| `{url}`        | Raw URL                                |\n| `{encodedUrl}` | URL-encoded version of `{url}`         |\n| `{domain}`     | Domain extracted from the selected URL |\n\n## Try Online\n\nTest the extension with this mock webpage: [IOC Intel Demo](https://atif-c.github.io/IOC-Intel/test-iocs)\n\n## Configuration\n\nAfter installing, open the extension's **Options** page to:\n\n-   Enable/disable types of IOCs to monitor\n\n-   Toggle:\n    -   Clipboard copying\n    -   IOC sanitisation\n\n-   Set your own threat intel URLs for:\n    -   IP addresses\n    -   Hashes\n    -   URLs\n\nYou can include multiple URLs per IOC type\n\nExample intel URL for IP:\n\n```\nhttps://www.abuseipdb.com/check/{ip}\n```\n\nExample intel URL for hash:\n\n```\nhttps://www.virustotal.com/gui/file/{hash}/details\n```\n\nExample intel URL for URL:\n\n```\nhttps://urlhaus.abuse.ch/browse.php?search={encodedUrl}\n```\n\n## Example Usage\n\n1. Highlight an IP, hash, or URL\n2. Right-click and choose `IOC Intel`\n3. Intel links open in background tabs\n4. If enabled, the IOC is copied (and sanitised)\n\n## IOC Types \u0026 Validation\n\n-   **IP Addresses**: IPv4 and IPv6\n-   **Hashes**: MD5 (32 chars), SHA-1 (40 chars), SHA-256 (64 chars)\n-   **URLs**:\n\n## Browser Permissions Used\n\n| Permission       | Purpose                                    |\n| ---------------- | ------------------------------------------ |\n| `clipboardWrite` | Copies IOCs to clipboard                   |\n| `contextMenus`   | Adds right-click options                   |\n| `storage`        | Saves user settings                        |\n| `tabs`           | Opens threat intel URLs in background tabs |\n\n## Development\n\n### Building from Source\n\n1. **Clone the repository**:\n\n    ```bash\n    git clone https://github.com/your-username/ioc-intel.git\n    cd ioc-intel\n    ```\n\n2. **Install dependencies**:\n\n    ```bash\n    npm install\n    ```\n\n3. **Build the extension**:\n\n    ```bash\n    npm run build\n    ```\n\n    This creates:\n\n-   Unpacked extensions in `dist/chrome/` and `dist/firefox/`\n-   Zipped `.zip` files ready for publishing or sideloading\n\n### Live Development\n\nFor active development with automatic reloading:\n\n```bash\nnpm run dev\n```\n\nThis uses `web-ext` to:\n\n-   Launch Firefox with the extension loaded\n-   Auto-reload the extension when source files change\n-   Provide live development feedback\n\n### Manual Installation\n\n#### Firefox\n\n1. Open `about:debugging#/runtime/this-firefox` in your address bar\n2. Click **Load Temporary Add-on**\n3. Select the `manifest.json` file in the `dist/firefox/` folder\n\n#### Chrome\n\n1. Open `chrome://extensions/` in your address bar\n2. Enable **Developer mode** (top-right toggle)\n3. Click **Load unpacked**\n4. Select the `dist/chromium/` folder\n\n#### Edge\n\n1. Open `edge://extensions/` in your address bar\n2. Enable **Developer mode** (bottom-left toggle)\n3. Click **Load unpacked**\n4. Select the `dist/chromium/` folder (Edge uses Chromium format)\n\n### File Structure\n\n```\nioc-intel/\n├── build.js                            # Build script for Firefox/Chromium extensions\n├── web-ext-config.mjs                  # Firefox web-ext development configuration\n├── src/                                # Source files (editable)\n│   ├── assets/                         # Static assets (icons, fonts, images)\n│   │\n│   ├── lib/                            # Core application libraries\n│   │   ├── IOC/                        # IOC validation and processing logic\n│   │   ├── browser/                    # Browser extension interaction layer\n│   │   ├── components/                 # Reusable Svelte UI components\n│   │   ├── storage/                    # Data persistence and state management\n│   │   └── utils/                      # Other code\n│   │\n│   ├── manifests/                      # Extension manifest definitions\n│   │   ├── manifest.base.json\n│   │   ├── manifest.chromium.json      # Merged with base for Chromium builds\n│   │   └── manifest.firefox.json       # Merged with base for Firefox builds\n│   │\n│   └── popup/                          # Extension popup window implementation\n│\n└── dist/                               # Build output (ignored by Git)\n    ├── firefox/\n    ├── chromium/\n    ├── firefox.zip\n    └── chromium.zip\n```\n\n---\n\n### Attribution\n\nSatellite emoji icon by [Twemoji](https://github.com/twitter/twemoji), licensed under [CC BY 4.0](https://creativecommons.org/licenses/by/4.0/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatif-c%2Fioc-intel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fatif-c%2Fioc-intel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatif-c%2Fioc-intel/lists"}