Merge pull request #53 from vincenzocaputo/develop

Version 0.19.0

Author: vincenzocaputo

._media/Untitled Diagram.drawio

@@ -4,6 +4,19 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.19.0] - 2024-02-04
+### Add
+- Automatic graph generation
+- Threatbook CTI resource for domains and IP addresses
+- Info boxes on setting items
+
+### Change
+- Graph UI
+- Settings menu
+
+### Fix
+- Minor fixes
+
 ## [0.18.1] - 2023-11-26
 ### Add
 - Spam Database Lookup resource

CHANGELOG.md

@@ -1,7 +1,7 @@
 {
 	"manifest_version": 2,
 	"name": "FoxyRecon",
-	"version": "0.18.1",
+	"version": "0.19.0",
 	"description": "A Firefox add-on for OSINT investigations",
 
 	"icons": {
@@ -15,7 +15,9 @@
         "scripts": [
             "src/lib/browser-polyfill.js",
             "src/utils/toolsFileLoader.js", 
+            "src/utils/graphNodesFileLoader.js", 
             "src/utils/utils.js",
+            "src/utils/graph.js",
             "src/background.js"
         ]
     },
@@ -26,6 +28,8 @@
                 "src/lib/browser-polyfill.js",
                 "src/utils/indicatorparser.js", 
                 "src/utils/utils.js", 
+                "src/utils/graph.js",
+                "src/content_scripts/graph.js",
                 "src/content_scripts/context_menu.js",
                 "src/content_scripts/catch.js"
             ]

assets/tools-icons/cymru.png

@@ -16,12 +16,31 @@ if (installedVersion != currentVersion) {
     localStorage.setItem("version", currentVersion);
 }
 
+// Setup default settings
+if (!localStorage.getItem("settings.newtab")) {
+    localStorage.setItem("settings.newtab", "true");
+}
+if (!localStorage.getItem("settings.autosubmit")) {
+    localStorage.setItem("settings.autosubmit", "false");
+}
+if (!localStorage.getItem("settings.autocatch")) {
+    localStorage.setItem("settings.autocatch", "false");
+}
+if (!localStorage.getItem("settings.autograph")) {
+    localStorage.setItem("settings.autograph", "false");
+}
+
 var tools;
 loadToolsList(function(ts) {
     tools=ts;
     createToolsMenu(tools);
 })
 
+var graphMapping;
+loadGraphMapping(function(mp) {
+    graphMapping=mp;
+})
+
 
 /**
  * Create context menu containing the tools list
@@ -56,7 +75,6 @@ function catchIndicators(e) {
             // Send a message to the content script
             browser.tabs.sendMessage(activeTab, "catch")
                         .then((response) => {
-                            console.log(response);
                         })
                         .catch((error) => {
                             browser.browserAction.setBadgeText({text: ""});
@@ -119,6 +137,7 @@ function updateToolsMenu(toolsList, indicator, type) {
                     // Save the indicator in the local storage
                     localStorage.setItem("type", type);
                     localStorage.setItem("indicator", indicator);
+                    //localStorage.setItem("graph.autocreate", "true"); 
                     // Add the query for autofill to localstorage
                     if(tool["submitQuery"]) {
                         localStorage.setItem("submit-btn-query", tool["submitQuery"]);
@@ -139,8 +158,8 @@ function updateToolsMenu(toolsList, indicator, type) {
  * Waiting for  messages from content_script
  */
 browser.runtime.onMessage.addListener(function(request, sender, sendResponse) {
-    console.log("Waiting for messages");
     if(request.id == 1) {
+        // Autofill feature
         query = localStorage.getItem("submit-btn-query");
         // Send the query only if auto-submit option is enabled
         if(localStorage.getItem("settings.autosubmit") === "true") {
@@ -149,11 +168,28 @@ browser.runtime.onMessage.addListener(function(request, sender, sendResponse) {
         } else {
             submit = "false";
         }
-        console.log(query);
-        
         sendResponse({msg: localStorage.getItem("indicator"), query: query, submit: submit});
         // Consume the request (to avoid clicking the button more times for the same request)
         localStorage.setItem("submit-btn-query","");
+    } else if (request.id == 2) {
+        // Auto graph generation
+        if (localStorage.getItem("settings.autograph") === "true" && request.msg) {
+            const resource = request.msg;
+            let mappings = Array();
+            for (i=0; i<graphMapping.length; i++) {
+                if (resource.startsWith(graphMapping[i]['source'])) {
+                    mappings.push(graphMapping[i]);
+                }
+            }
+            sendResponse({msg: localStorage.getItem("indicator"), map: JSON.stringify(mappings) }) 
+        }
+    } else if (request.id == 3) {
+        const graph = new Graph();
+        const rel = JSON.parse(request.msg);
+        graph.addNode(rel['source']['id'], rel['source']['type']);
+        graph.addNode(rel['target']['id'], rel['target']['type']);
+        graph.addRelationship(rel['source']['id'], rel['target']['id'], rel['label']);
+        sendResponse({msg: 1});
     } else {
         updateToolsMenu(tools, request.indicator, request.type);
     }

assets/tools-icons/favicon.ico

@@ -1,5 +1,5 @@
 
-let indicator = "";
+var indicator = "";
 // Send a message to background script in order to retrieve the indicator saved in the local storage
 function sendMessageAndFill() {
     browser.runtime.sendMessage({
@@ -64,9 +64,13 @@ function sendMessageAndFill() {
                 document.querySelector("#history-filterBtn").click();
                 document.querySelector("#hashSearch").value = indicator;
                 document.querySelector(query).click();
-            } else {
+            } else if(current_url.includes("cymru")) {
+                document.querySelector("#hashes").value = indicator;
+                if (submit === "true") {
+                    document.querySelector(query).click();
+                }
+            }else {
                 var inputNodes = document.getElementsByTagName("input");
-                console.log(inputNodes);
                 // Get only text or email input nodes
                 for(i=0; i<inputNodes.length; i++){
                     if(inputNodes[i].type === "text" || inputNodes[i].type === "email" || inputNodes[i].type === "url"){

assets/tools-icons/threatbook.png

@@ -14,7 +14,6 @@ function catchIndicators() {
     let indicators = [];
     for(indicatorType of ['domain', 'ip', 'url', 'hash', 'email', 'cve']) {
         let matches = bodyContent.matchAll(regexes[indicatorType]);
-        console.log(matches);
         let match = matches.next();
         while(!match.done) {
             let value = match.value[0];

manifest.json

@@ -0,0 +1,72 @@
+var indicator = "";
+
+function sendMessageAndAddNodes() {
+    const current_url = window.location.href;
+    browser.runtime.sendMessage({
+        id: 2,
+        msg: current_url
+    }).then((resp) => {
+        indicator = resp.msg;
+
+        const map = resp.map;
+
+        if (map) {
+            const parser = new IndicatorParser(); 
+            const [type, tld] = parser.getIndicatorType(indicator);
+            const mappings = JSON.parse(map);
+            for (const mapping of mappings) {
+                if (type === mapping['type']) {
+                    const intervalId = setInterval(function() {
+                        document.querySelectorAll(mapping['query']).forEach((tag) => {
+                            const target = tag.textContent.trim();
+                            const [targetType, tld] = parser.getIndicatorType(target);
+                            if (targetType === mapping['nodeType']) {
+                                if (mapping['relationType'] === 'outbound') {
+                                    var relationship = {
+                                        'source': {
+                                            'id': indicator,
+                                            'type': type
+                                        },
+                                        'target': {
+                                            'id': target,
+                                            'type': targetType
+                                        },
+                                        'label': mapping['relationName']
+                                    }
+                                    browser.runtime.sendMessage({
+                                        id: 3,
+                                        msg: JSON.stringify(relationship)
+                                    }).then((r) => {r.msg});
+
+                                } 
+                                if(mapping['relationType'] === 'inbound') {
+                                    var relationship = {
+                                        'source': {
+                                            'id': indicator,
+                                            'type': type
+                                        },
+                                        'target': {
+                                            'id': target,
+                                            'type': targetType
+                                        },
+                                        'label': mapping['relationName']
+                                    }
+                                    browser.runtime.sendMessage({
+                                        id: 3,
+                                        msg: JSON.stringify(relationship)
+                                    }).then(() => {});
+                                }
+                            }
+                            clearInterval(intervalId);
+                        });
+                    }, 500);
+                }
+            }
+            
+        }
+    });
+}
+
+setTimeout(sendMessageAndAddNodes(), 5000);
+
+