Sputnik — An Open Source Intelligence Browser Extension

Mitch Moser
Dec 29, 2018 · 3 min read
Image for post
Image for post

Summary

Sputnik is a browser extension which I designed to quickly and easily search IPs, Domains, File Hashes, and URLs using free Open Source Intelligence (OSINT) resources.

As an Incident Response Analyst, this tool has enabled streamlined pivoting on artifacts gathered during investigations. Being able to quickly gather OSINT helps provide context to an investigation and can help when developing a narrative for an incident.

I designed this with convenience and efficiency in mind. In order to use the extension, simply highlight the artifact you wish to search and right click to choose an OSINT tool. You can also right click on hyperlinks, images, audio, and video content and the domain will be extracted from these artifacts. In most cases, you will be redirected straight to results. For tools that require user interaction such as captchas, the highlighted artifact is saved to your clipboard and you will be directed to the submission page to paste the selected artifact.

Sputnik is available for free:

Below are some examples and code snippets to explain how it works.

Skip to the end for screenshots of the extension in both browsers.

Design Samples

Sputnik is implemented as a Context Menu item in Firefox and Chrome. Context Menus are the interface windows in browsers that appear with right clicks such as:

Image for post
Image for post

A context menu browser extension typically has 2 basic components:

  1. A manifest to store metadata such as version number and permissions.
  2. A javascript file to implement the functionality of the extension.

Manifest

A typical manifest for a browser extension looks something like this:

As you can see, this contains information such as a brief description, a path to the icon file, a version number, and a set of permissions. In order to implement the menu items in Firefox and Chrome, I had to use each browser’s supported API/framework in order to leverage as much built-in functionality as possible and avoid reinventing the wheel.


Context Menu Functionality

I chose to separate the OSINT sources into their own sub-menus by artifact type (IPs, Domains, File Hashes, and URLs). To do this, I used parent/child menus:

To launch the chosen OSINT resource, I simply used a switch statement to set the url that will be opened. For tools that supported the artifact in their URL, I appended the selected text after the search link.

Clipboard Write

Firefox has built-in functionality for writing to the clipboard that is simple to implement:

navigator.clipboard.writeText(info.selectionText);

Although Chrome grants permissions for clipboard write access, there is currently no built-in supported functionality to write to the clipboard. I was able to implement a JavaScript function that wrote text to the clipboard:

The function is invoked to write selected text to the clipboard using:

copyStringToClipboard(info.selectionText);

Visit Sputnik’s GitHub for all of the code to both the Firefox and Chrome extensions! This project has already received amazing suggestions and input from the Open Source community and I look forward to making this tool even better alongside fellow users.

Firefox

Available through Mozilla at the Firefox Add-Ons store.

Image for post
Image for post

Chrome

Available through the Chrome Web Store.

Image for post
Image for post

InfoSec Write-ups

A collection of write-ups from the best hackers in the…

Mitch Moser

Written by

digital brain | analog heart

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. In a nutshell, we are the largest InfoSec publication on Medium. Maintained by Hackrew

Mitch Moser

Written by

digital brain | analog heart

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. In a nutshell, we are the largest InfoSec publication on Medium. Maintained by Hackrew

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store