ThreatLens: Automating IoC Detection Directly in Your Browser As a SOC analyst, I’ve often found myself drowning in a sea of logs and alerts, constantly sifting through data to identify potential …

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

ThreatLens is an open-source Chrome extension built by a SOC analyst to automate Indicator of Compromise (IoC) detection directly in the browser. It uses regex and DOM scanning via TreeWalker to identify IPv4, IPv6, domains, and URLs on any webpage, injecting subtle badge icons next to detected indicators. Clicking a badge triggers a reputation lookup via AbuseIPDB, returning abuse confidence scores, ISP, and country data. Features include bulk scanning, de-obfuscation of masked indicators, scope control via allowlist/blocklist, and a privacy-first design with no telemetry. Available on the Chrome Web Store and requires a free AbuseIPDB API key.

ThreatLens: Automating IoC Detection Directly in Your Browser

Get Muraleekrishnan Unnithan R’s stories in your inbox

Privacy and Trust: Built with Security in Mind