Releases: vincenzocaputo/FoxyRecon
Beta 0.22.0
FoxyRecon 0.22.0 released with new functionalities, improvements and bugs fixed.
New context menu
The context menu no longer contains all the tools, given the large number of resources included in FoxyRecon.
The menu now includes two options:
- Investigate: if you are selecting a valid indicator, send it to FoxyRecon's popup for further investigation
- Add new graph node: you can add the selected text to the graph. You can also add text as Notes.
See the demo below as an example:
Screencast.from.2024-09-22.20-19-34.webm
More information about the tools
Now FoxyRecon includes more information about the provided tools through illustrative icons:
- The tool supports auto graph generation. When you use this tool, FoxyRecon automatically adds new nodes to the graph by collecting indicators on the tools website (the option "Auto graph generation" must be enabled in the settings)
- You need to create an account on this web resource to submit indicators.
- The tool may require some user interactions to submit the indicator. You can enable the "Auto submit" option from the settings, in order to automatically submit the indicators on these tools.
More filters
As the list of included tools grows, new search filters are implemented.
- Show only tools that support the auto graph generation
- Show only tools that do not require a user account to be used
- Show only tools that do not require any user interactions
- Filter tools by name. Clicking this button adds the "tool:" search selector in the input field
Now you can also filter the collected indicators by value using the input field.
For the complete list of improvements and fixes, please refer to the CHANGELOG.
Issues and Suggestions
For any issues or suggestions, please feel free to open an issue.
Beta 0.21.0
This release comes with plenty of new features, enhancements, and bug fixes.
New Indicators Supported
Now FoxyRecon supports two additional types of indicators:
- Phone numbers
- Autonomous System numbers
Phone Numbers
FoxyRecon accepts phone numbers in international format, with a plus sign followed by 15 or fewer digits (including the country code). FoxyRecon also shows the flag based on the country code of the provided phone number:
FoxyRecon now supports phone numbers for collecting indicators from web pages. It is able to detect phone numbers in different formats; however, it converts them to the internal format to allow you to conduct further investigations through the addon.
Autonomous System Numbers
FoxyRecon now also accepts Autonomous System numbers (ASN). The input must contain the letters "AS" followed by the AS number:
Custom Tools Creation Tool: UI Redesign and New Features
The page for the creation of custom tools has been completely redesigned from scratch to ensure better usability and user experience.
The tool now also provides the possibility to export custom resources in JSON format. In addition, this version introduces templates as a way to quickly create FoxyRecon tools linked to known open source threat intelligence platforms. Currently, templates have been included for the following platforms:
See the following video showing an example of tool creation using the MISP template. If autosubmit option is enabled, the attribute search on MISP is completely automated by FoxyRecon. The autosubmit feature is also available in the other templates.
custom-tools-demo.webm
Autofill Feature Upgrades
This version brings some improvements to the autofill feature, introducing the typing animation of indicators on web pages.
To learn more, read the wiki page.
UI Enhancements, New Web Resources, and Bug Fixes
Improvements in the graphical appearance of the popup have been included in this new version, with better resolution of web resource icons.
This release also includes a rich array of new OSINT web resources for all types of indicators and addresses several bugs.
The complete list of tools included in FoxyRecon is available on the wiki page
For the complete list of improvements and fixes, please refer to the CHANGELOG.
Issues and Suggestions
For any issues or suggestions, please feel free to open an issue.
Beta 0.20.0
This new version comes with several improvements and changes in the creation and management of graphs.
STIX Support
- The graphs are now based on STIX 2.1 standard (https://oasis-open.github.io/cti-documentation/stix/intro.html).
- New types of nodes that can be added to a graph:
- New observable objects: Autonomous System, IPv6, MAC address, Network Traffic, Software and User Account
- Domain Objects: Attack Pattern, Campaign, Course of Action, Identity, Infrastructure, Intrusion Set, Location, Malware, Malware Analysis, Note, Report, Threat Actor, Tool and Vulnerability.
- You can export the graph as a STIX Bundle JSON file.
Vis Network library for graph rendering
- Now the graph is rendered and displayed using the library Vis Network (https://github.com/visjs/vis-network), which offers more flexibility and a better look and feel of graphs.
- Additional options to customize the visualisation and behaviour of a graph
- Add graph node filtering by label
Other improvements and fixes
- Broken JoeSandbox lookup URL is solved in this release
Beta 0.19.0
This new version comes with many new feature, improvements and bug fixes for graphs. The user interface for graphs has been totally updated with a new look and feel, with new settings to customize the graph view.
A new experimental feature has been introduced that allows automatic graph generation while using the addon.
Two new resources have been added (Threatbook CTI and Cymru)
Beta 0.18.1
Add
- Spam Database Lookup resource
- Project Honeypot resource
Change
- Removed Checkphish Lookup resource (no more available)
- Update d3 library to version 7.8.5
Fix
- Checkphish scan
- FortiGuard web filter lookup
- Popup loading bug whem auto catching is enabled
Beta 0.18.0
Added
- You can now create graph during your analysis, adding indicators as nodes and relations between them. More information will be available in the Wiki section.
- Domain for Censys Host resource
Changed
- Censys URL (Certificates and Hosts)
- UI improvements
Fix
- Tools first loading bug in context menu
Beta 0.17.0
Add
- Web Check resource for domains and urls
- Hunter.how resource for domains and ip addresses
Fix
- Field auto-fill for web resources that support only post requests
Beta 0.16.0
Add
- Bin icon to clean indicators list and show the popup main screen
- SSLShopper tool for TLS certificate lookup
- Digicert TLS certificate validator
Change
- The catch option in the search bar will no longer show the list of the indicators found but only their occurrences (useful only whane auto indicators catching option is disabled)
Beta 0.15.1
Beta 0.15.0
Add
- FOFA search engine
Fix
- Defanged email regex recursion