Mitaka

Mitaka addresses the challenge of manual indicator of compromise (IoC) extraction and scanning in open-source intelligence (OSINT) operations by automating these processes within a browser extension. The technical architecture of Mitaka involves a content script and a background service worker. The content script interacts with the user interface, allowing users to select text and trigger context menu actions. The background service worker handles the processing of these selections, creating context menus and initiating searches or scans on various supported engines such as VirusTotal, urlscan.io, and HybridAnalysis.

Mitaka supports a wide range of IoCs, including IP addresses, domains, URLs, hashes (MD5, SHA1, SHA256), and more. It refanges these IoCs from obfuscated formats (e.g., example[.]com to example.com) to facilitate seamless searching and scanning. The extension integrates with over 65 services, providing comprehensive coverage for OSINT searches.

Operational considerations include the need for users to set up API keys for certain services like HybridAnalysis, urlscan.io, and VirusTotal to enable full functionality. Additionally, Mitaka requires permissions such as "Access your data for all websites" to function correctly, which may raise privacy concerns, although the developer assures that no user data is collected or used.

From a technical standpoint, Mitaka's flow is straightforward: the content script sends the selected text to the background service worker, which then creates context menus and initiates the search or scan in a new tab. This approach ensures real-time interaction and quick results, but it may introduce performance overhead if multiple searches are initiated concurrently.