Sputnik – An OSINT browser extension
Browser extensions, aka (also known as) add-ons, are web browser-based applications which sole purpose is to help users extend base functions from popular web browsers such as Google Chrome, Opera, etc. They are known by different alias (or names) like – browser extensions, add-ons, plug-ins, etc. Almost all browser supports add-ons.
Advantages of add-ons:
- Known for fast access.
- Gives intuitive controls.
- Are cross-platform and adaptation for any browser.
- Also provides integration of its functionality into those products where there is no access to the kernel.
- They combine systems and cloud storage into a singular workspace.
Disadvantages of add-ons:
- Require constant updating, which can be very hectic.
- Different browsers need their own adapted version of the program.
- Often require the ability to read or even change everything on web pages one visits, which in some cases lead to horrific accidents of data breaches, capture the passwords, track browsing, etc.
Installing Sputnik is like installing any other browser extension and involves only three easy steps:
Step 1: Visit Sputnik in either Chrome Web Store or Firefox Add-Ons.
Step 2: Click on Add to Chrome, if you are using chrome browser.
Step 3: Now, pin the sputnik extension if you want.
To use sputnik is very simple and easy thing. It provides us with four options, which are:
First, let’s use our sputnik to gather information on an IP address. Simply highlight or select the IP address you want to know about and right-click, select sputnik, IP, and then at last select any platform.
We can see the details of our IP address 22.214.171.124. It’s from mountain view, California, the hostname is dns.google. Also, we can see from the details that this IP address is anycast IP which means it is an address that is assigned to a set of interfaces which typically belong to different nodes.
Let’s take another example for better understanding. Suppose, you come across the same IP address in various articles and want to find out to which domain it belongs to. In this situation, sputnik becomes your Wikipedia where you will find the details about the IP address.
It can be seen 126.96.36.199 IP address belongs to github and its location is Des Moines, Washington.
Also if you click on “part of AS36459” then you will get more details like, when it was allocated and its orgID, ASHandle, RegDate, Postal code, etc.
It can be seen it was allocated 9 years ago. More information can be fetched from WhoIs details given below.
Another option sputnik gives is, one can find information on domains too. All you have to do is follow the same steps. Highlight the domain, right-click, select sputnik, and then domain.
We can see the icon of this domain, its URL, its IP address, country it belongs to, Title, description. Also one can see on which social media it is on.
On scrolling down, we can also see other useful information like:
As we can see it is 836,008 domains that backlink to this domain, some of them are shown below in the screenshot.
Also, we can see 13 domains links to this domain and are listed below.
One can see there are more than 17k domains which redirects to this domain.
Suppose you come across a shady url and wants to know whether it is safe or not. You just highlight it and sputnik does the rest.
We can see the risks associated with this url like limited parts are provided over an unencrypted connection, what actions can we perform on etc.
Also, we can see WhoIs record of this URL, when it was created, updated, when it expires, to which organization it is registered to, and many other things.
We can also check and gather information about hashes. All you gotta do is, select the hash, right click and hover over sputnik, and select hash
We can see that this hash has been flagged as malicious by 60 security vendors which is a huge number and it means that there is 80% possibility that it is malicious. Now if someone who don’t have sputnik would simply go ahead and download this file which in turn will lead to system getting infected and getting slow etc. So it can be seen that these add-ons can be very useful not only for OSINT investigators but also for normal people.
In conclusion, getting help from these cross-platform OSINT web browser add-ons during your recon and intel gathering stage puts you at a great advantage. They work on almost any browser, and unlike other OSINT tools, they don’t rely on operating system requirements.