惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V2EX - 技术
V2EX - 技术
T
Troy Hunt's Blog
The Last Watchdog
The Last Watchdog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Secure Thoughts
Hacker News - Newest:
Hacker News - Newest: "LLM"
WordPress大学
WordPress大学
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
博客园 - 司徒正美
TaoSecurity Blog
TaoSecurity Blog
博客园 - Franky
有赞技术团队
有赞技术团队
Google Online Security Blog
Google Online Security Blog
罗磊的独立博客
L
LINUX DO - 最新话题
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
NISL@THU
NISL@THU
小众软件
小众软件
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Recent Commits to openclaw:main
Recent Commits to openclaw:main
K
Kaspersky official blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
W
WeLiveSecurity
SecWiki News
SecWiki News
Google DeepMind News
Google DeepMind News
O
OpenAI News
V
V2EX
AI
AI
博客园_首页
Apple Machine Learning Research
Apple Machine Learning Research
大猫的无限游戏
大猫的无限游戏
美团技术团队
C
Cyber Attacks, Cyber Crime and Cyber Security
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Security Archives - TechRepublic
Security Archives - TechRepublic
博客园 - 三生石上(FineUI控件)
G
GRAHAM CLULEY
月光博客
月光博客
T
Threatpost
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
V
Vulnerabilities – Threatpost
Last Week in AI
Last Week in AI
爱范儿
爱范儿
C
CXSECURITY Database RSS Feed - CXSecurity.com
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Cloudbric
Cloudbric
酷 壳 – CoolShell
酷 壳 – CoolShell
The Hacker News
The Hacker News
N
News | PayPal Newsroom
Know Your Adversary
Know Your Adversary

Mapping the <mark>Internet</mark> on Netlas: Comprehensive Internet-Wide Scanning & OSINT Platform

Weaponized RMM: Hunting the Adversary Abuse of Remote Monitoring Tools Device Code Phishing: Technical Analysis and Proactive Hunting via Netlas Discovering Data Exposure with Netlas Telegram Bot API Abuse - Netlas Blog Using OWASP Amass with Netlas Module - Netlas Blog How we hunt C2 infrastructure at RST Cloud using Netlas - Netlas Blog Using Uncover with Netlas.io module - Netlas Blog Netlas Updates Terms and API & Data License Agreement - Netlas Blog Top 10 Hacking Devices for Ethical Hackers in 2026 - Netlas Blog Inside ClickFix: How Fake Prompts Took Over the Web Top 10 Critical Threat Actors to Watch in 2026: Ransomware, APTs & Defensive Strategies - Netlas Blog Bug Bounty 101 - A Complete Bug Bounty Roadmap for Beginners (2026) - Netlas Blog Supply Chain Attack - How Attackers Weaponize Software Supply Chains - Netlas Blog The Evolution of C2: Centralized to On-Chain - Netlas Blog From Starlink to Star Wars - The Real Cyber Threats in Space - Netlas Blog LLM Vulnerabilities: Why AI Models Are the Next Big Attack Surface - Netlas Blog When AI Turns Criminal: Deepfakes, Voice-Cloning & LLM Malware - Netlas Blog Zero-Click Exploits - Netlas Blog When Patches Fail: An Analysis of Patch Bypass and Incomplete Security - Netlas Blog I Analysed Over 3 Million Exposed Databases Using Netlas - Netlas Blog Post-Quantum Now: From AES & RSA to ML-KEM Hybrids - Netlas Blog Bug Bounty 101: Top 10 Reconnaissance Tools - Netlas Blog Mapping Dark Web Infrastructure - Netlas Blog Top Vibe-Coding Security Risks - Netlas Blog From Chaos to Control: Kanvas Incident Management Tool - Netlas Blog Bug Bounty 101: The Best Courses to Get Started in 2025 - Netlas Blog I, Robot + NIST AI RMF = Complete Guide on Preventing Robot Rebellion - Netlas Blog The $1.5B Bybit Hack & How OSINT Led to Its Attribution - Netlas Blog Hannibal Stealer: A Deep Technical Analysis - Netlas Blog Proactive Threat Hunting: Techniques to Identify Malicious Infrastructure - Netlas Blog The Pyramid of Pain: Beyond the Basics - Netlas Blog SOCMINT: Intelligence in the Social Media Era - Netlas Blog Hannibal Stealer vs. Browser Security - Netlas Blog The Largest Data Breach Ever? How Hackers Stole 16 Billion Credentials - Netlas Blog DNS Cache Poisoning – Is It Still Relevant? - Netlas Blog Modern Cybercrime: Who’s Behind It and Who’s Stopping It - Netlas Blog AI-Driven Attack Surface Discovery - Netlas Blog Netlas vs Urlscan: Tools Comparison - Netlas Blog Track Adversary Infrastructure Challenge 2025 Recap - Netlas Blog What is Threat Intelligence - Netlas Blog Netlas vs IPinfo: Tools Comparison - Netlas Blog Best Nmap Alternatives - Netlas Blog Whois History: How to Check the Domain Owner History - Netlas Blog Top WHOIS & RDAP Tools for Fast IP Address Lookup - Netlas Blog ASN Lookup Explained: Tools, Methods & Insights - Netlas Blog How to Detect CVEs Using Nmap Vulnerability Scan Scripts - Netlas Blog Nmap Cheat Sheet: Top 10 Scan Techiques - Netlas Blog Netlas vs ZoomEye: Platforms Comparison - Netlas Blog Top 6 Most Widely Used Port Scanners in Cybersecurity - Netlas Blog FAQ: Understanding Root DNS Servers and the Root Zone - Netlas Blog Domain Recon: Must-Know Tools for Security Professionals - Netlas Blog DNS History: Exploring Domains Past by Inspecting DNS Trails - Netlas Blog DNSSEC: Should You Use It? An Expert’s View on the Pros, Cons, and When to Implement - Netlas Blog Which DNS Servers Offer the Best Balance of Speed, Security, and Privacy? - Netlas Blog theHarvester: a Classic Open Source Intelligence Tool - Netlas Blog - Netlas Blog Top 15 OSINT Tools for Expert Intelligence Gathering - Netlas Blog A Deep Dive into the Open Web Application Security Project Top 10 Vulnerabilities - Netlas Blog Using Subfinder with Netlas Module - Netlas Blog Netlas vs Censys: Platforms Comparison - Netlas Blog OSINT in Cybersecurity: Exploring Its Spectrum and Tech - Netlas Blog Best Honeypots for Detecting Network Threats - Netlas Blog Using Maltego with Netlas Module - Netlas Blog Using theHarvester with Netlas - Netlas Blog Using TLDFinder with Netlas - Netlas Blog Netlas vs Fofa: Platforms Comparison - Netlas Blog Netlas vs Shodan: Platforms Comparison - Netlas Blog Google Dorking in Cybersecurity - Netlas Blog 7 Tools for Web Penetration Testing - Netlas Blog Using DNS History in Cybersecurity - Netlas Blog Mastering Online Camera Searches - Netlas Blog Best Attack Surface Visualization Tools - Netlas Blog Complete Guide on Attack Surface Discovery - Netlas Blog How to find unprotected databases with Netlas.io: Chapter 2 - Netlas Blog
Netlas Chrome and Firefox Extensions - Netlas Blog
Vyacheslav Makhrov · 2025-02-05 · via Mapping the <mark>Internet</mark> on Netlas: Comprehensive Internet-Wide Scanning & OSINT Platform

Extensions for browsers are very convenient. You can use the services without leaving the site you are currently on. The Netlas team thought the same, so today we bring you the Netlas extension for the Chrome and Firefox browsers.

This article will tell you how to install and configure it, as well as what it does.

Installing for Google Chrome

Installing the plugin is quite simple and familiar to anyone who has ever used extensions for Google Chrome. It consists of several points:

  1. Find the plugin in the Google Chrome extension store. You can do this by the name “Netlas.io” or go to the link.

  2. Click on the “Add to Chrome” button, then confirm adding the extension.

Add Button

Add Confirmation

  1. The item is not mandatory, but it simplifies the work: attach the plugin. This will allow you to quickly see if the site you are currently on is vulnerable to any CVEs.

Pin Plugin

Installing for Mozilla Firefox

  1. Find the plugin in the Firefox add-ons. You can do this by the name “Netlas.io” or go to the link.

  2. Click on the “Add to Firefox” button, then confirm adding.

Add Button

Add Confirmation

  1. Like in Chrome case I recommend you to pin extension to your toolbar.

placeholder Settings->Pin to Toolbar

Setup

After the extension has been installed, you can use it within thirty demo requests. If you want to connect your account to it, you must (as always) enter your API key. It is very easy.

Open the extension settings and enter the key in the corresponding field. Then click “Save” and refresh the page.

placeholder Enter your key here

After your API key has been connected, you can start working with the extension.

Usage

The extension supports two modes of operation: manual and automatic vulnerability detection (the so-called Default Logo and Smart Logo). In the first mode, the user fully controls all the functionality and sees only what he needs, in the second, the utility will work in the background and notify about vulnerabilities found on sites. Below, the modes and main functionality will be discussed in more detail.

This mode of operation of the extension is enabled by default after it is installed. Working with it, you will get information about the site by clicking on the extension icon. Here’s what it looks like:

Default Logo

Firstly, this is the IP address data already visible to you in the next image.

IP Information

Here you can see which organization hosts this address, where it is located, and what ports are used with it. In addition, by clicking “View on Netlas.io”, you can get more detailed information, such as a list of related domains and services at this address. The second tab of the extension contains information about the domain name. Let’s consider it too:

Domain Information

What information can be found on this tab? First, A record for domain. Secondly, the name of the registrar company and the location of the domain name. Thirdly, the list of responses for which this domain is a host. Fourth, and most interesting, the services that are installed on this domain, as well as the CVEs to which the resource may be vulnerable.

Let’s take a closer look at the last two points. To do this, let’s open a site potentially vulnerable to some recent CVE and see what the extension shows.

CVE Information

So, the site potentially has fourth vulnerabilities, the rating of the most dangerous of which is 7.5 points. To get more detailed information, just hover over a vulnerable response.

CVE Information in Details

After hovering over, we saw exactly what vulnerabilities the host is exposed to, as well as what services are installed on it.

To enable the second mode, open the extension settings and select Smart Logo there.

placeholder

Now, during operation, the extension automatically searches every site you visit in the Netlas database and checks it for known vulnerabilities. If there are any, the extension changes the color of the logo depending on the degree of threat. For example, it will look like this:

placeholder placeholder placeholder

Note: Smart Logo works only if your subscription supports CVE data. In addition, you need to keep in mind that in this mode, the extension sends a request to Netlas every time you open a new site/reload the page. Therefore, carefully monitor the number of your coins!

Conclusion

So, we can say that today a new use case for Netlas has appeared — through an extension for Google Chrome. Yes, it doesn’t provide the full power of the search engine, and you’ll often have to fall back to the web version of the app. However, for small checks, such as when browsing websites from the attack perimeter in a pen test, this option can be very useful.

What is your choise

I can show you how deep the Internet really goes

Discover exposed assets, infrastructure links, and threat surfaces across the global Internet.