DNSDB Scout™ – Farsight’s new Google Chrome Extension for querying DNSDB
By Tyler Wood and Daniel Schwalbe
To any person who hasn’t worked with a RESTful application program interface (API) before, Farsight Security’s DNSDB can seem a bit intimidating at first. The DNSDB API has many powerful search features. To take full advantage of them, it required various amounts of preparation work. Users could:
- Compile the Farsight-provided command-line tools, written in either C or Python
- Use Farsight's web-based interface to DNSDB (requires separate login credentials)
- Use a third-party analysis framework that integrates with DNSDB, such as Maltego
- Develop their own query tools or integrations from scratch
Today, we add one more supported option to your toolbox: Farsight DNSDB Scout™, a new Google Chrome Extension™ for querying DNSDB!
II. Why a Google Chrome Extension?
We wanted to develop a graphical user interface (GUI) for making DNSDB queries that was lightweight, easy to obtain and intuitive to use, and most importantly, supports all current* and future features of the DNSDB API. We wanted all code to be self-contained on the user’s system, and not require login credentials for a separate web service. With these goals in mind, a browser extension was a good fit.
We chose Google Chrome because Chrome has a very large userbase as well as an established online storefront that allows for easy distribution and updates for extensions.
We may consider releasing extensions or add-ons for other browsers in the future, but for now, our focus is on Google Chrome.
III. Key Features
- Dashboard: Make DNSDB queries from your browser and keep a local history of queries you’ve previously made.
- API Status: Tracks, displays, and updates your API key usage automatically.
- Time Fencing: DNSDB serves as a post-attack "time machine" or "black box" flight recorder for the Internet. You can see data just from today or go back to any time since 2010.
- Punycode support: Automatic Conversion of Internationalized Domain Names (IDN).
- Limit Record Types: DNSDB contains a vast number of DNS records. Only need MX records or AAAA records? Limit your queries to only get the results you need.
- Crisp UX Design: Supports Table Sorting and Paginated Results.
- Tailored Output: Plaintext, JSON, CSV - select how you want your Passive DNS data exported and made available for additional processing later.
To use the DNSDB Scout extension, you must first have the Google Chrome web browser installed on your system. DNSDB Scout should work on any operating system that can run an up-to-date version of Chrome with native extension support. At this time, unfortunately, that means no iOS or Android support as those platforms don’t natively support extensions for their versions of Chrome. You will also need a valid DNSDB API key. DNSDB API keys are portable, so if you already have one you are ready to go. You can sign up for a 30-day free trial by visiting the DNSDB Trial page.
As with all current Google Chrome extensions, they must be obtained and installed via the official Google Chrome Web Store. You can search the store for ‘DNSDB’ or ‘Farsight’, or by visiting the DNSDB Scout page directly with reasonably current version of Google Chrome. Once there, click on the blue “Add to Chrome” Button. Google Chrome will prompt you for permission to install the extension, like so:
The DNSDB Scout extension requires minimal permissions to function. It only needs read-and-write access to its own variables within Chrome’s local storage cache, which is managed by Google Chrome itself. It does not need to access your browsing history, location information, or any other private information. Once the extension is installed successfully, click on the Farsight DNSDB Scout icon near the browser address bar (it looks like a pair of white binoculars on a square orange background). In the menu that appears, click on the purple “SET YOUR API KEY” button. Paste your API key into the text input field and then click the green “SAVE API KEY” button. Now click on the Dashboard link, and you are ready to make your first query using DNSDB Scout.
VI. Bridging the gap between Developers, Power Users, and Casual Users
The DNSDB Scout extension was primarily designed with ease of use in mind. However, it does allow the more adventurous user to view raw API query strings for each search conducted along with any returned API headers and the raw query results in JSON format within the Recent Queries tab.
This can serve as a useful tool for developers who are constructing their own API integrations, or for the power users who want to learn more about the DNSDB API features. For technical documentation about the DNSDB API, please visit the API Docs.
Since a Google Chrome extension runs inside your browser, it competes for system resources just like any other browser window or tab.
*The maximum number of results a DNSDB API call can return is 1,000,000. In order to manage browser performance and responsiveness, DNSDB Scout has a maximum limit of 10,000 results at a time.
You now know where to obtain and how to install the DNSDB Scout Google Chrome extension. We hope you’ll give DNSDB Scout a try, and that you will get some great use out of it.
We are committed to releasing regular updates of the extension in the Chrome Web Store, and we welcome bug reports and feature requests. Should you find any bugs or have a feature idea please contact us through the Contact page or via firstname.lastname@example.org.
For more information about getting access to DNSDB API, please see our Order Services page.
Tyler Wood is a Software Toolmaker with Farsight Security, Inc.
Daniel Schwalbe is the Director of Engineering and Deputy CISO with Farsight Security, Inc.