INTEL

Overview

Minimal UI, maximum evidence.

Search surface

OSINT and reputation services by IOC type with API control.

Multi-sourceControlledFast

Actionable evidence

Case vault with timeline, MITRE/CVE and export.

CasesTimelineExport

Reliable automation

Optional LLM with controlled prompts and auditable output.

LLMPromptingModels
METRICS

Results

Internal performance and adoption metrics.

-42%
Avg. time per investigation
28
Active OSINT sources
120K
IOCs processed / month
36
Active teams
ANALYSIS

Analyst Report

Operational summary for analysts.

Threat Snapshot

Malicious activity concentrated on phishing and infrastructure abuse. Prioritize newly registered domains.

  • Detection window: 7 days
  • Critical IOCs prioritized: 214
  • Top vectors: URL, domains, hashes

Analyst Impact

KAIROS reduces manual pivots and centralizes evidence, shortening response time.

  • Optional LLM automation
  • Immediate MISP/CSV export
  • Case timeline

Next Actions

Focus on shared infrastructure and publish indicators internally.

  • Review high-correlation domains
  • Update perimeter blocks
  • Issue weekly executive brief
PROCESS

Workflow

Consistent, auditable intelligence flow.

1

Context intake

Collect indicators from pages and PDFs without leaving the browser.

2

Enrichment

Query trusted services by type with API key control.

3

Modeling

Diamond Model + MITRE with optional AI support.

4

Reporting

Export JSON/CSV/MISP for evidence sharing.

CASES

Real cases

Examples for intelligence and response teams.

SOC · Coordinated phishing

Rapid domain clustering, case grouping, and MISP export for containment.

-38% triage time+3x correlated signals

CTI · Persistent campaign

IOC normalization, MITRE mapping and diamond model for executive briefing.

Report ready in 1hAutomatic timeline

IR · Endpoint incident

Extract and enrich from logs, deliver to MISP and CSV for coordination.

+25 sources queriedLess manual pivot
COMPARE

Comparison

Traditional flow vs KAIROS flow.

Traditional

  • Manual multi-tab searches
  • Scattered indicators without context
  • Late export and reporting

KAIROS

  • Orchestrated search by type
  • Vault with evidence and timeline
  • Optional LLM with traceability
Speed
+85%
Context
+78%
Collaboration
+72%

Ready for faster, cleaner intel?

Deploy KAIROS in minutes and standardize your investigation workflow.

Install KAIROS View repository
UI

Product Screens

Real extension views for analysts, reviewers and store listings.

KAIROS popup quick search interface
Popup: quick IOC search, service launcher and analyst shortcuts.
KAIROS side panel investigation workspace
Side panel: IOC vault, case workflow, MITRE, CVEs, timeline and exports.
Popup
Side Panel
Settings
STORE READINESS

Chrome Web Store information

Purpose, data handling and permission rationale for reviewers and security teams.

Single purpose

KAIROS helps cybersecurity analysts extract, organize, enrich and export indicators of compromise from pages, PDFs, selected text or manual input during threat intelligence and incident response work.

Remote code

No remote JavaScript or WebAssembly is loaded. Executable code is packaged with the extension.

Local-first storage

API keys, preferences, cases and IOCs are stored in the user's browser storage.

activeTabRuns user-requested analysis on the current tab.
scriptingInjects content logic for extraction, highlighting and recovery when requested.
storageSaves local settings, API keys, cases and IOC vault data.
contextMenusAdds right-click actions for selected IOCs and page analysis.
tabsOpens OSINT/reputation services and coordinates the active investigation tab.
sidePanelDisplays the analyst workspace next to the investigated page.
host accessReads selected pages, PDFs and local files only for IOC extraction and analyst-triggered enrichment.
PRIVACY

Privacy and data use

Clear disclosure for users, reviewers and internal security review.

Data processed

Authentication data entered by the user, active page context, selected text, URLs, PDF text, links, IOCs, cases and local preferences.

Data not sold

KAIROS does not sell user data and does not use user data for credit, advertising or unrelated purposes.

User control

Users can clear keys, cases and IOCs from the extension or from Chrome storage settings.

Public privacy policy

Use this page as the privacy-policy URL after deploying the web folder to your hosting.

Open privacy policy
ABOUT

About

Configure API keys and manage your threat intelligence sources

INSTALL

Installation

Deploy KAIROS in Chrome.

Direct build

Download the package and load it in developer mode.

Download buildAPI key required (disable "Require API key" if you do not use token)

Store install

Install from the official browser stores.

Chrome Web StoreFirefox Add-ons

Manual steps

  1. Open chrome://extensions.
  2. Enable Developer mode.
  3. Click Load unpacked.
  4. Select the project folder.
REPO

GitHub

Note: Review these URLs for more context and validation of the IOCs.

Sources/URLs

GitHub
Open Intel Dashboard