The Silent Push Chrome Extension allows you to scan, extract, save, and analyse DNS and web content data in Silent Push Enterprise direct from a Chrome window, without switching between tools or tabs.
Security teams and researchers can use the extension to gather Indicators of Future Attack™ (IOFA™) intelligence from a browser, and connect the dots between what they see in Chrome, and what Silent Push knows about any given threat landscape (hint: a lot).
Whether you’re investigating an unknown threat, reviewing security alerts in a SaaS platform, or reading a piece of threat research, our Chrome extension provides instant and actionable insight into any domains, IPs, and URLs you encounter online.
Install now from the Chrome Web Store
What does it do?
Our extension transforms your browser into a real-time proactive threat intelligence console. Once installed and connected using your Silent Push API key, you’ll be able to:
- Scan any indicator (domain, IP, or URL) without leaving your browser window
- Extract all on-page DNS data displayed on any website you visit
- Execute Total View lookups to reveal the origin, function, and risk level of any given indicator
- Get live screenshots of active domains
- Initiate scans to see how websites behave in real time, or how infrastructure has changed over time
- View any indicators that appear in Silent Push IOFA™ (Indicators of Future Attack™) Feeds
- Save indicators to your feeds, or create new feeds from fresh intelligence
- Submit abuse reports on suspect domains
How does it work?
Installation is simple. Once you’ve downloaded the extension, add it to Chrome and input your Silent Push API key to connect it to your Enterprise account.
Capturing Indicators
From there, you can begin scanning indicators immediately, using the following methods:
- Right-click on any highlighted domain, IP, or URL and choose “Scan Indicator”
- Enter an indicator manually into the search bar
- Click “Collect DNS Data” to retrieve all DNS records on the page
Our extension is designed to make actionable intelligence discovery as fast and intuitive as possible. Instead of copying data from emails, internal tools, or browser windows into another system, you can act immediately to validate any indicators you encounter.
It’s all about speed, context and ease of use.
For example, if you’re reviewing a suspicious link in your email client, highlight it and right-click to ascertain its risk level. Browsing a complex and lengthy threat intelligence report that analyzes output from multiple pivot points? Scrape all on-page DNS data in one click. SOC teams can also use the extension to get instant insight on unknown indicators across any number of SaaS platforms they use (and we know it’s a lot!).
Saving Data
Once you’ve scanned an indicator, you can use the “Save To” feature to retain and act on what you’ve found.
Indicators can be added to an existing feed for active monitoring and correlation, or new feeds that create TTP-specific watchlists of fresh intelligence, and early investigations.
All of this allows analysts to turn passive browsing into meaningful intelligence gathering. Instead of letting key indicators slip through the cracks, you can preserve and escalate them for ongoing visibility and collaboration across your team.
Silent Push Total View
The main piece of functionality is being able to gain instant DNS insight into an indicator, using Silent Push Total View – a CTI “landing page” for investigations into unknown infrastructure.
The main summary panel provides immediate visibility into active DNS resolutions, risk level, and the context surrounding any scanned indicator, including:
- The indicator’s Silent Push Risk Score
- The indicators presence in any IOFA™ Feeds
- DNS infrastructure analysis (A, MX, TXT, CNAME etc.)
- WHOIS data, such as domain age, registrar, and registration date
- Variance in infrastructure that might indicate malicious use
One click away from the extension, from any data point, takes you into the full Silent Push platform for advanced investigations.
Live Scan
To evade detection, threat actors recycle through DNS infrastructure at a rapid rate. When time is of the essence, knowing what a domain is doing right now is crucial.
That’s where Live Scan comes in. The Live Scan tab provides a real-time look at how a piece of infrastructure is configured, how it’s presented to the public, and what content it’s hosting.
When you initiate a Live Scan in the extension, you receive:
- A live screenshot of the webpage
- A true/false indicator for active A records
- Page title and favicon information
- HTML response content
- A real-time risk score
You can even input a domain or URL manually, without browsing to the website itself, allowing you quickly identify active threats without having to navigate to a potentially dangerous site.
Web Scanner
Web Scanner allows you to track the automated management and deployment of attacker domains and IPs, by executing searches using 150+ parameters per webpage, that reveal traceable behavioral fingerprints linked to specific adversaries and attack vectors.
This is especially useful for campaign attribution, threat actor tracking, uncovering shared hosting infrastructure, and revealing how a threat actor has adjusted their TTPs over time to evade detection.
Using powerful syntax-based content and DNS queries, built on a proprietary query language, you can discover deployment patterns, identify related infrastructure, and establish a behavioral fingerprint that follows an attacker across the Internet.
Actionable SOC and IR intelligence, direct from your browser
Most threat intelligence workflows involve copying and pasting indicators across separate system for cross-team analysis. That process creates delays, breaks concentration, and sometimes results in missed opportunities.
The Silent Push Chrome Extension changes that. By embedding proactive DNS and web content intelligence functionality into your browser, it allows analysts to:
- Act on threats as they encounter them
- Enrich data instantly with a wealth of context
- Avoid the platform-switching roundabout that slows down investigations
- Save and monitor key indicators over time
- Accelerate triage, abuse reporting, and frontline decision-making
It’s not just about convenience – it’s about enabling earlier (and more effective) detection, and faster response.
Common Use Cases
Here’s just a few ways analysts are using the extension:
- Email Security Teams: Right-click to scan suspicious links in phishing emails
- SOC Analysts: Investigate domains in alerts, without switching platforms
- Threat Hunters: Discover and track attacker infrastructure live on the web
- Brand Protection Teams: Identify and report fraudulent domains that are spoofing your online presence
- Security Researchers: Run Live Scans on emerging campaigns and malware delivery sites
Download now on the Chrome Store
The Silent Push Chrome Extension is currently available to Enterprise users only.
- Connect it using your API key
- Start scanning in seconds
Learn more about our unique approach to preemptive threat intelligence
Find out how Silent Push helps you to locate hidden and known threat infrastructure, and stop digital assaults at the source before they occur with Indicators Of Future Attack (IOFA)™ data.
Contact us here for more information.
