Skip to content

Releases: vincenzocaputo/FoxyRecon

Beta 0.22.0

22 Sep 18:45
c6a8022
Compare
Choose a tag to compare

FoxyRecon 0.22.0 released with new functionalities, improvements and bugs fixed.

New context menu

The context menu no longer contains all the tools, given the large number of resources included in FoxyRecon.

The menu now includes two options:

  • Investigate: if you are selecting a valid indicator, send it to FoxyRecon's popup for further investigation
  • Add new graph node: you can add the selected text to the graph. You can also add text as Notes.

See the demo below as an example:

Screencast.from.2024-09-22.20-19-34.webm

More information about the tools

Now FoxyRecon includes more information about the provided tools through illustrative icons:

  • graph_opt The tool supports auto graph generation. When you use this tool, FoxyRecon automatically adds new nodes to the graph by collecting indicators on the tools website (the option "Auto graph generation" must be enabled in the settings)
  • key You need to create an account on this web resource to submit indicators.
  • user-interaction The tool may require some user interactions to submit the indicator. You can enable the "Auto submit" option from the settings, in order to automatically submit the indicators on these tools.

More filters

As the list of included tools grows, new search filters are implemented.

image

  1. Show only tools that support the auto graph generation
  2. Show only tools that do not require a user account to be used
  3. Show only tools that do not require any user interactions
  4. Filter tools by name. Clicking this button adds the "tool:" search selector in the input field

Now you can also filter the collected indicators by value using the input field.

For the complete list of improvements and fixes, please refer to the CHANGELOG.

Issues and Suggestions

For any issues or suggestions, please feel free to open an issue.

Beta 0.21.0

03 Aug 17:18
3584555
Compare
Choose a tag to compare

This release comes with plenty of new features, enhancements, and bug fixes.

New Indicators Supported

Now FoxyRecon supports two additional types of indicators:

  • Phone numbers
  • Autonomous System numbers

Phone Numbers

FoxyRecon accepts phone numbers in international format, with a plus sign followed by 15 or fewer digits (including the country code). FoxyRecon also shows the flag based on the country code of the provided phone number:

image

FoxyRecon now supports phone numbers for collecting indicators from web pages. It is able to detect phone numbers in different formats; however, it converts them to the internal format to allow you to conduct further investigations through the addon.

Autonomous System Numbers

FoxyRecon now also accepts Autonomous System numbers (ASN). The input must contain the letters "AS" followed by the AS number:

image

Custom Tools Creation Tool: UI Redesign and New Features

The page for the creation of custom tools has been completely redesigned from scratch to ensure better usability and user experience.

The tool now also provides the possibility to export custom resources in JSON format. In addition, this version introduces templates as a way to quickly create FoxyRecon tools linked to known open source threat intelligence platforms. Currently, templates have been included for the following platforms:

See the following video showing an example of tool creation using the MISP template. If autosubmit option is enabled, the attribute search on MISP is completely automated by FoxyRecon. The autosubmit feature is also available in the other templates.

custom-tools-demo.webm

Autofill Feature Upgrades

This version brings some improvements to the autofill feature, introducing the typing animation of indicators on web pages.

To learn more, read the wiki page.

UI Enhancements, New Web Resources, and Bug Fixes

Improvements in the graphical appearance of the popup have been included in this new version, with better resolution of web resource icons.

This release also includes a rich array of new OSINT web resources for all types of indicators and addresses several bugs.

The complete list of tools included in FoxyRecon is available on the wiki page

For the complete list of improvements and fixes, please refer to the CHANGELOG.


Issues and Suggestions

For any issues or suggestions, please feel free to open an issue.

Beta 0.20.0

12 May 14:45
6f63093
Compare
Choose a tag to compare

This new version comes with several improvements and changes in the creation and management of graphs.

STIX Support

  • The graphs are now based on STIX 2.1 standard (https://oasis-open.github.io/cti-documentation/stix/intro.html).
  • New types of nodes that can be added to a graph:
    • New observable objects: Autonomous System, IPv6, MAC address, Network Traffic, Software and User Account
    • Domain Objects: Attack Pattern, Campaign, Course of Action, Identity, Infrastructure, Intrusion Set, Location, Malware, Malware Analysis, Note, Report, Threat Actor, Tool and Vulnerability.
  • You can export the graph as a STIX Bundle JSON file.

Vis Network library for graph rendering

  • Now the graph is rendered and displayed using the library Vis Network (https://github.com/visjs/vis-network), which offers more flexibility and a better look and feel of graphs.
  • Additional options to customize the visualisation and behaviour of a graph
  • Add graph node filtering by label

Other improvements and fixes

  • Broken JoeSandbox lookup URL is solved in this release

Screenshot from 2024-05-12 16-44-37
Screenshot from 2024-05-12 16-41-18
Screenshot from 2024-05-12 16-45-22

Beta 0.19.0

04 Feb 15:37
d59a0a6
Compare
Choose a tag to compare

This new version comes with many new feature, improvements and bug fixes for graphs. The user interface for graphs has been totally updated with a new look and feel, with new settings to customize the graph view.

Screenshot from 2024-02-04 16-25-27

A new experimental feature has been introduced that allows automatic graph generation while using the addon.

Two new resources have been added (Threatbook CTI and Cymru)

Beta 0.18.1

26 Nov 20:03
dc06e6b
Compare
Choose a tag to compare

Add

  • Spam Database Lookup resource
  • Project Honeypot resource

Change

  • Removed Checkphish Lookup resource (no more available)
  • Update d3 library to version 7.8.5

Fix

  • Checkphish scan
  • FortiGuard web filter lookup
  • Popup loading bug whem auto catching is enabled

Beta 0.18.0

03 Oct 18:07
7612c54
Compare
Choose a tag to compare

Added

  • You can now create graph during your analysis, adding indicators as nodes and relations between them. More information will be available in the Wiki section.

immagine

  • Domain for Censys Host resource

Changed

  • Censys URL (Certificates and Hosts)
  • UI improvements

Fix

  • Tools first loading bug in context menu

Beta 0.17.0

26 Jul 17:32
9927b20
Compare
Choose a tag to compare

Add

  • Web Check resource for domains and urls
  • Hunter.how resource for domains and ip addresses

Fix

  • Field auto-fill for web resources that support only post requests

Beta 0.16.0

31 May 18:30
4516f91
Compare
Choose a tag to compare

Add

  • Bin icon to clean indicators list and show the popup main screen
  • SSLShopper tool for TLS certificate lookup
  • Digicert TLS certificate validator

Change

  • The catch option in the search bar will no longer show the list of the indicators found but only their occurrences (useful only whane auto indicators catching option is disabled)

Beta 0.15.1

15 Apr 09:01
a87e924
Compare
Choose a tag to compare

Add

  • Settings option to disable indicators auto catching feature

Screenshot from 2023-04-15 11-00-08

Fix

  • GitHub icon

Beta 0.15.0

01 Apr 06:06
d139c86
Compare
Choose a tag to compare

Add

  • FOFA search engine

Fix

  • Defanged email regex recursion