Threat Hunting Using DNS: A Masterclass with Paul Vixie and Ben April: May 1st, 2019 12-6 p.m. ET Hyatt Regency Tyson's Corner Center, VA - Space is limited. Register today!

← Farsight Blog

DNSDB Scout™ for Firefox Is Now Available

By

RSS

I. Introduction

In October 2018, Farsight Security launched DNSDB Scout, a graphical user interface for DNSDB on the Google Chrome browser extension framework. DNSDB is the world's largest passive historical database dating back to 2010. Building on the positive reception by the security community, we decided to also offer DNSDB Scout™ for Mozilla Firefox.

Mozilla Firefox is the second most popular browser based on market share, so it was the natural choice for our next platform to support. Today we are proud to launch Farsight DNSDB Scout™ for Firefox - a new Firefox Add-On for querying DNSDB!

II. Why another Browser Extension?

When we first released the Chrome extension, we didn’t know how many customers would want to use it. After three months, the numbers have far exceeded our expectations. Adding Firefox allows us to bring this capability to many in the InfoSec community that do not use the Chrome browser.

The basic motivations for the Firefox version remain the same as for its Chrome counterpart: We wanted to develop a graphical user interface (GUI) for making DNSDB queries that is lightweight, easy to obtain, intuitive to use, and, most importantly, supports all current* and future features of the API. We wanted all code to be contained on the user’s system and not require login credentials for a GUI hosted on a web server.

III. Features

A major design goal of DNSDB Scout™ for Firefox was feature-parity with the Chrome version. We were able to achieve this including an identical look and feel:

  • Dashboard: Make DNSDB queries from your browser and keep a local history of queries you’ve previously made.
  • API Status: Tracks, displays, and updates your API key usage automatically.
  • Time Fencing: DNSDB serves as a post-attack "time machine" or "black box" flight recorder for the Internet. You can see data just from just today or any time since 2010.
  • Punycode support: Automatic Conversion of Internationalized Domain Names (IDN)
  • Limit Record Types: DNSDB contains a vast number of DNS records. Only need MX records or AAAA records? Limit your queries to only get the results you need.
  • Crisp UX Design: Supports Table Sorting and Paginated Results
  • Tailored Output: Plaintext, JSON, CSV - select how you want your Passive DNS data exported and made available for additional processing later.

The Firefox version of Scout allows for a maximum of 50,000 query results to be displayed at a time compared to 10,000 in the Chrome version. This is primarily because of Firefox’s superior performance with CSS rendering and DOM rebuilding.

IV. Prerequisites

To be able to use the DNSDB Scout, you must first have the Mozilla Firefox web browser installed on your system. DNSDB Scout should work on any operating system that can run an up-to-date version of Firefox with native extension support; with that, iOS isn’t supported for this reason.

You also need a valid DNSDB API key. DNSDB API keys are portable, so if you already have one, you are ready to go. You can also sign up for a 30-day free trial right form within DNSDB Scout, or by visiting here.

V. Installation

As with all current Mozilla Firefox extensions, they must be obtained and installed via the official Mozilla Add-ons site. You can search the site for ‘DNSDB’ or ‘Farsight’, or by visiting the DNSDB Scout page directly with reasonably current version of Firefox.

Once there, click on the blue “Add to Firefox” Button. Firefox will prompt you for permission to install the extension, like so:

The DNSDB Scout extension requires minimal permissions to function, needing only read-and-write access to its own variables within Firefox’s local storage cache, which is managed by Mozilla Firefox. It does not need to access your browsing history, location information, or any private information.

Once the extension is installed successfully, click on the Farsight DNSDB Scout icon near the browser address bar (it looks like a pair of white binoculars on a square orange background). In the menu that appears, click on the purple “SET YOUR API KEY” button.

Paste your Farsight DNSDB API key into the text input field and click the green “SAVE API KEY” button. Now click on the Dashboard link, and you are ready to make your first query using DNSDB Scout.

VI. Bridging the gap between Developers, Power Users, and Casual Users

The DNSDB Scout browser extensions are primarily designed with ease of use in mind. However, they do allow the more adventurous user to view raw API query strings for each search conducted along with any returned API headers and the raw query results in JSON format within the Recent Queries tab.

This can serve as a useful tool for developers who are constructing their own API integrations, or for the power users who want to learn more about the DNSDB API features. For technical documentation about the DNSDB API, please visit the API Docs.

VII. Limitations

Since a Mozilla Firefox extension runs inside your browser, it competes for system resources just like any other bowser window or tab.

*The maximum number of results a DNSDB API call can return is 1,000,000. In order to manage browser performance responsiveness, DNSDB Scout for Firefox has a maximum limit of 50,000 results.

VIII. Conclusion

We hope you’ll give DNSDB Scout a try, and that you will get some great use out of it. We are committed to releasing regular updates for both versions of the DNSDB Scout extension through their respective sites, and we welcome bug reports and feature requests. Should you find any bugs or have a feature idea please contact us through the Contact page or via support@farsightsecurity.com.

For more information about getting access to DNSDB API, please see our Order Services page.

Tyler Wood is a Software Toolmaker with Farsight Security, Inc.

Daniel Schwalbe is the Director of Engineering and Deputy CISO with Farsight Security, Inc.

← Blog Home

Want to learn more?

Protect against cybercriminal activity in real-time.

Request a free demo