mlab.sh INTEL 作者: Alice Sn0w
Detect domain and IP IOCs on any page and pivot to mlab.sh investigation in one click.Detect domain, IP and crypto wallet IOCs on any page and pivot to a mlab.sh threat intelligence investigation in one click.
扩展元数据
关于此扩展
Threat intelligence at the speed of your browser.
mlab.sh INTEL turns every page into a launch pad for security investigation. Read a threat report, a vulnerability advisory, a darkweb dump or a phishing email? See indicators of compromise instantly, scan them in one click, and pivot to a full mlab.sh report — without leaving the page.
What it does
• Detects automatically on every page you read: domains, IPv4, IPv6 addresses and (opt-in) crypto wallet addresses across Bitcoin, Ethereum / EVM chains, Tron and Solana.
• Understands defanged IOCs like
• One-click investigation via the toolbar popup, the right-click menu, or by clicking a highlighted IOC directly in the page. Each result links to the full mlab.sh report.
• Inline highlighting (off by default) colours IOCs with the verdict returned by mlab.sh: clean / suspicious / malicious.
• History tab keeps your 10 most recent scans, with filter, copy-to-clipboard and re-scan in one click.
• Bulk scan by pasting a list of IOCs into the popup — newline, comma or space separated, refanged automatically.
• Per-site disable keeps the extension passive on your bank, intranet or any host you choose.
• Smart quota management: 24-hour local cache, server-side cache probe before launching new scans, in-flight deduplication, 60-second back-off when the API is rate-limited.
Privacy by design
The extension is built around an aggressive privacy policy:
• No browsing telemetry. The extension only contacts mlab.sh when you explicitly trigger a scan or refresh your quota.
• No third parties — no analytics, no ads, no CDN-loaded scripts.
• Your API key, cache, history and settings stay on your device.
• Works fully anonymously by default using mlab.sh's free Anonymous tier. Add your own API key for higher quota when you need it.
See PRIVACY.md in the repository for the full disclosure.
Who is this for?
SOC analysts, incident responders, threat hunters, security researchers, journalists covering cyber, students, and anyone curious about the indicators they spot online.
mlab.sh INTEL turns every page into a launch pad for security investigation. Read a threat report, a vulnerability advisory, a darkweb dump or a phishing email? See indicators of compromise instantly, scan them in one click, and pivot to a full mlab.sh report — without leaving the page.
What it does
• Detects automatically on every page you read: domains, IPv4, IPv6 addresses and (opt-in) crypto wallet addresses across Bitcoin, Ethereum / EVM chains, Tron and Solana.
• Understands defanged IOCs like
evil[.]com, hxxp://, 1.1.1[.]1, user[at]example.com — the format used in every serious threat report.• One-click investigation via the toolbar popup, the right-click menu, or by clicking a highlighted IOC directly in the page. Each result links to the full mlab.sh report.
• Inline highlighting (off by default) colours IOCs with the verdict returned by mlab.sh: clean / suspicious / malicious.
• History tab keeps your 10 most recent scans, with filter, copy-to-clipboard and re-scan in one click.
• Bulk scan by pasting a list of IOCs into the popup — newline, comma or space separated, refanged automatically.
• Per-site disable keeps the extension passive on your bank, intranet or any host you choose.
• Smart quota management: 24-hour local cache, server-side cache probe before launching new scans, in-flight deduplication, 60-second back-off when the API is rate-limited.
Privacy by design
The extension is built around an aggressive privacy policy:
• No browsing telemetry. The extension only contacts mlab.sh when you explicitly trigger a scan or refresh your quota.
• No third parties — no analytics, no ads, no CDN-loaded scripts.
• Your API key, cache, history and settings stay on your device.
• Works fully anonymously by default using mlab.sh's free Anonymous tier. Add your own API key for higher quota when you need it.
See PRIVACY.md in the repository for the full disclosure.
Who is this for?
SOC analysts, incident responders, threat hunters, security researchers, journalists covering cyber, students, and anyone curious about the indicators they spot online.
评分 0(1 位用户)
权限与数据
更多信息
- 版本
- 1.0.0
- 大小
- 157.54 KB
- 上次更新
- 11 天前 (2026年5月15日)
- 相关分类
- 隐私政策
- 阅读此附加组件的隐私政策
- 版本历史
- 添加到收藏集