Releases: FiligranHQ/xtm-browser-extension
v0.0.18
Filigran XTM Browser Extension v0.0.18
Changed
- Scenario Creation UX: After clicking "Generate Scenario with AI", users are now redirected to step 2 (inject selection) instead of being stuck on step 1
Fixed
- Panel Mode Cancel Button: Fixed "Cancel" button not working in Create Scenario when using panel mode
- AI Inject Selection: Fixed "Select using AI" button in Create Scenario not selecting any injects. The AI prompt now properly includes attack pattern IDs and available inject information for accurate matching
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.18.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.18.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.18.zip | Load unpacked in edge://extensions/ |
Installation Instructions
- Download the appropriate zip file for your browser
- Extract the zip file to a folder
- Open your browser's extension management page
- Enable "Developer mode"
- Click "Load unpacked" and select the extracted folder
For full documentation, see the README.
v0.0.17
Filigran XTM Browser Extension v0.0.17
No changelog entry found for version 0.0.17.
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.17.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.17.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.17.zip | Load unpacked in edge://extensions/ |
v0.0.16
Filigran XTM Browser Extension v0.0.16
Added
- MITRE ATT&CK Regex Detection: Attack patterns are now also detected via regex matching for MITRE IDs (e.g., T1480, T1547.001, TA0007, S0001, G0001). Attack patterns found via regex that are not already in cache are shown as "Not found in OpenCTI" so users can quickly add them
- Attack Pattern Creation: Creating attack patterns in OpenCTI now automatically sets the `x_mitre_id` field when the name matches a MITRE ATT&CK ID pattern
- Add to Scan Results Context Menu: New right-click context menu option "Add to scan results" allows users to manually add selected text as any entity type to the scan results. A dialog prompts for entity type selection, and the entity is added as "not found" so it can be included in container creation or bulk import to OpenCTI
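The regex detection and `x_mitre_id` handling described in the entries above can be sketched as follows. This is an added example, not the extension's own code: the pattern, the function names (`detectMitreIds`, `buildAttackPattern`) and the sample text and cache are assumptions constructed for illustration.

```javascript
// Added example: regex detection of MITRE ATT&CK IDs in scanned text.
// The pattern and every name below are assumptions, not the extension's code.
const ID_CORE = 'TA\\d{4}|T\\d{4}(?:\\.\\d{3})?|[SG]\\d{4}';
// \b keeps "XT1480" and "T15471" out; (?!\.\d) rejects "T1547.0012".
const MITRE_ID_RE = new RegExp(`\\b(${ID_CORE})\\b(?!\\.\\d)`, 'g');
const MITRE_NAME_RE = new RegExp(`^(?:${ID_CORE})$`);

// Map an ID to the ATT&CK object kind implied by its prefix.
function classifyMitreId(id) {
  if (id.startsWith('TA')) return 'tactic';
  if (id.startsWith('T')) return id.includes('.') ? 'sub-technique' : 'technique';
  if (id.startsWith('S')) return 'software';
  return 'group';
}

// Return each distinct ID once, in order of first appearance, marked
// "found" when it is already in the cache and "not-found" otherwise.
function detectMitreIds(text, cachedIds) {
  const results = new Map();
  for (const match of text.matchAll(MITRE_ID_RE)) {
    const id = match[1];
    if (results.has(id)) continue; // same ID repeated on the page
    results.set(id, {
      id,
      kind: classifyMitreId(id),
      status: cachedIds.has(id) ? 'found' : 'not-found',
    });
  }
  return [...results.values()];
}

// Build a creation payload; x_mitre_id is set only when the whole name is an ID.
function buildAttackPattern(name) {
  const trimmed = name.trim();
  const payload = { name: trimmed };
  if (MITRE_NAME_RE.test(trimmed)) payload.x_mitre_id = trimmed;
  return payload;
}

// Constructed sample input: page text and a cache holding two known IDs.
const SAMPLE_TEXT =
  'The loader uses T1547.001 for persistence and T1480 guardrails; ' +
  'discovery (TA0007) follows. T1547.001 appears again. Tooling: S0001, ' +
  'group G0001. Not IDs: T15471, XT1480, T1547.0012.';
const SAMPLE_CACHE = new Set(['T1547.001', 'TA0007']);

for (const hit of detectMitreIds(SAMPLE_TEXT, SAMPLE_CACHE)) {
  console.log(`${hit.id}\t${hit.kind}\t${hit.status}`);
}
```
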
Changed
- Terminology Cleanup: Renamed internal types from "SDO" to "OpenCTI entity types" for clarity (e.g., `SDO_SEARCH_TYPES` → `OPENCTI_ENTITY_SEARCH_TYPES`)
Fixed
- PDF Scanner Attack Pattern Detection: PDF scanner now correctly detects attack patterns via regex matching (same as web page scanning)
- Dual Detection (OpenCTI/OpenAEV): Fixed entities found in OpenAEV but not OpenCTI not showing dual-color highlighting. OpenAEV entities no longer incorrectly supersede observables, allowing proper mixed-state display
- PDF Scanner Dual Detection: PDF scanner now correctly shows dual-color (amber/green gradient) highlighting for entities not found in OpenCTI but found in OpenAEV, matching the behavior of web page scanning
- Add to OpenCTI Navigation: Cancel button and new "Back to..." link in the Add to OpenCTI view now correctly navigate back to scan results (if available) or home, instead of always going to home
- Investigation Mode Scrolling: Fixed entity list in Investigation Mode not being scrollable when many entities are found. The list now properly scrolls within the available space
- Investigation Mode Deduplication: Fixed duplicate entities appearing in the investigation entity list when the same entity (e.g., a CVE) appears multiple times on a page
- Investigation Mode UI Consistency: Updated Investigation Mode to match Scan Results styling with 50/50 search field and type filter layout, consistent Select All/Deselect All button styling, and a "Clear" button in the header to clear results and highlights
- Scan Results Icon: Changed Scan Results header icon to match the Scan button icon for visual consistency
- OpenAEV Entity URLs: Fixed "Open in OpenAEV" links for entities that don't have overview pages. Only Asset, Scenario, and Simulation have individual overview pages; all other entity types (Asset Group, Player, Team, Organization, Attack Pattern, Finding, Vulnerability) now correctly redirect to their list pages with appropriate text search filters pre-applied
- Add to Scan Results Duplicates: "Add to scan results" context menu now prevents adding duplicate entities (same type and value)
- Unused Code Cleanup: Removed unused component props and fixed ESLint/TypeScript warnings
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.16.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.16.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.16.zip | Load unpacked in edge://extensions/ |
v0.0.15
Filigran XTM Browser Extension v0.0.15
Added
- Configurable AI Settings: New "Advanced Settings" section in Settings → Agentic AI with two configurable parameters:
  - Max Output Tokens (default: 10,000): Controls the maximum tokens for AI responses
  - Max Content Length (default: 50,000): Controls the maximum page content length sent to AI
Fixed
- OpenAEV Connection Test: Fixed connection test always showing "Connected to OpenAEV" even with invalid URL or API token. The extension now properly reports connection failures
- AI Scan All: Fixed "Use AI to discover both entities and relations at once" option returning no findings while individual buttons worked. Increased token limit and content length for combined analysis
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.15.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.15.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.15.zip | Load unpacked in edge://extensions/ |
v0.0.14
Filigran XTM Browser Extension v0.0.14
Fixed
- Entity Overview Scrolling: Fixed vertical scrolling not working in the right panel for entity overviews (both OpenCTI and OpenAEV). The overview content can now be scrolled vertically when it exceeds the panel height, with horizontal scrolling disabled to prevent layout issues
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.14.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.14.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.14.zip | Load unpacked in edge://extensions/ |
v0.0.13
Filigran XTM Browser Extension v0.0.13
Changed
- Code Quality: Comprehensive codebase cleanup and maintenance release
- Documentation: Updated project structure documentation in README
- Dependencies: Updated all dependencies to latest versions
Fixed
- E2E Tests on CI: Fixed Playwright e2e tests failing on GitHub Actions due to missing X server. Added `xvfb-run` to provide a virtual display for headed Chrome (required for browser extension testing)
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.13.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.13.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.13.zip | Load unpacked in edge://extensions/ |
v0.0.12
Filigran XTM Browser Extension v0.0.12
Added
- AI Relationship Discovery: New AI-powered relationship discovery directly from scan results
- Clear All Button: Button to clear all highlights, results, and selections while staying on scan results view
- New OpenCTI Entity Types: Added support for Narrative, Channel, System, and Tool entity types
- PDF Scanning: Full PDF document scanning with integrated viewer. When clicking "Scan" on a PDF page, the extension opens a dedicated PDF viewer with:
  - Vertical scrolling through all pages (no page-by-page navigation)
  - Real-time entity highlighting directly on PDF content with color-coded overlays (green for found, amber for new, purple for AI-discovered)
  - Interactive highlights with selection checkboxes matching web page behavior
  - Clickable highlights that open entity overview in side panel
  - Tooltips on hover showing entity details, AI confidence, and reasons
  - Native side panel integration for scan results (same behavior as regular page scanning)
  - Toolbar with rescan, clear highlights, zoom controls, and panel toggle
  - Original PDF link to open in browser's native viewer
- PDF Worker Embedding: PDF.js worker is now fully embedded in the extension bundle for Chrome Web Store compliance (no external resource loading)
- Clear Highlights for PDFs: The "Clear highlights" action from popup, panel, and PDF viewer toolbar now properly clears PDF canvas highlights
- AI Discovery in PDF Viewer: AI entity discovery now works in the PDF viewer, with proper text extraction and AI highlight colors
- OpenAEV-Only Entity Display: Entities found only in OpenAEV (not importable to OpenCTI) now display correctly without selection checkboxes
Changed
- AI Buttons Styling: Redesigned AI buttons with consistent styling and magic sparkle icons
- Relationship Display: Unified relationship display format with entity type icons and proper colors
- PDF Viewer Styling: Clean, minimal interface matching the extension's theme (dark/light mode support)
- PDF Entity Detection: Uses same detection engine as page scanning for consistent results across formats
- PDF Highlight Sizing: Highlights are now more precise, sticking closely to text boundaries to reduce overlaps
- Disabled Actions on PDF View: Container, Investigate, Atomic Test, and Scenario buttons are disabled on both native PDF pages and PDF scanner view
Fixed
- PDF Viewer: Fixed iframe panel not closing and AI scanning not working in PDF viewer mode
- PDF Table Highlighting: Fixed entities in PDF tables not being highlighted when text is split across multiple PDF text items (e.g., defanged IPs like `203.91.76[.]102` in table cells)
- AI Scenario Timing: Fixed table-top scenario inject timing being incorrectly accumulated instead of using absolute timing values (e.g., 5 injects over 60 minutes now correctly spans 0-60 minutes instead of 0-150 minutes)
- Relationship Persistence: Resolved relationships now preserved when navigating back from import screen
- Select All Behavior: Fixed "Select all" sometimes visually selecting non-importable entities
- AI JSON Parsing: Enhanced parsing with more robust strategies for handling truncated AI responses
- Threat Actor Types: Properly distinguish between `Threat-Actor-Group` and `Threat-Actor-Individual`
- PDF Scanner Panel Communication: PDF scanner now properly communicates with side panel for scan results display
- PDF Rescan from Popup: Clicking scan while on PDF scanner page now triggers rescan instead of opening new tab
- PDF Rescan from Side Panel: Clicking "Scan" in side panel while on PDF scanner now properly rescans the PDF
- PDF Highlight Click to Entity Overview: Clicking a highlight in the PDF scanner now correctly opens the entity overview with full data
- Firefox PDF Scanner Detection: Popup now correctly detects PDF scanner pages in Firefox (`moz-extension://` URLs)
- AI Discovery Content Retrieval: AI discovery now properly retrieves PDF content when triggered from the side panel
- Platform Type Consistency: Detection engine now explicitly sets `platformType` on all enriched entities (observables, OpenCTI entities, CVEs, OpenAEV entities), eliminating reliance on fallback defaults throughout the codebase
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.12.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.12.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.12.zip | Load unpacked in edge://extensions/ |
v0.0.11
Filigran XTM Browser Extension v0.0.11
Added
- Labels field improvements: Labels autocomplete in container form now fetches only initial 10 labels, searches on the fly with 1.2-second debounce, and includes a "+" button to create new labels directly within the field
- Author field improvements: Author (createdBy) autocomplete now fetches only initial 50 authors, searches on the fly with debounce, includes a "+" button to create new Organization or Individual directly within the field
- Hidden content filtering: Scan results now exclude text from tooltips, popovers, and screen-reader-only elements (e.g., "Skip to content" links) that are not visually displayed but picked up by DOM extraction
- React/SPA content extraction: Added fallback extraction methods for React, Next.js, Nuxt.js, and other SPA frameworks that render content dynamically via JavaScript
- Visible content extraction: Last-resort extraction method that walks through all visible DOM elements when other methods fail
- App page content extraction: Added specialized extraction for complex app pages (like OpenCTI dashboards) that captures visible text with basic structure preservation
- Firefox sidebar support: Firefox now fully supports split screen mode using the native sidebar. Enable in Settings > Appearance. The sidebar opens automatically when you scan or perform actions, just like Chrome/Edge. It integrates with Firefox's native panel system and persists across page navigation
- Selection checkboxes on highlights: Restored selection checkboxes on the left side of highlights for "Found", "Not Found", "Mixed State", and "AI Discovered" entities. Checkboxes show border when unchecked and filled with checkmark when selected
Changed
- Highlight styling refined: Highlights are now less aggressive and no longer cause layout shifts or distortions on complex pages. Uses `display: inline` instead of `inline-block`, reduced padding, and proper z-index layering
- Glowing effect improved: The locate/scroll-to-highlight glow animation now has a gentler 3-pulse pattern over 3 seconds with `ease-in-out` timing for a smoother visual effect
- Number of injects limit increased: Maximum number of injects for AI scenario generation increased from 20 to 50
- Table-top scenario AI prompts improved: AI-generated table-top exercises now focus on presenting crisis situations without prescribing defensive actions, feature progressive intensity escalation, use varied email senders (SOC, executives, legal, etc.), and create immediately playable exercises
- Consistent multi-select chip styling: All multi-select autocomplete fields (Report Types, Labels, Marking Definitions, etc.) now use consistent chip styling with light grey background and 4px border radius
- Color picker dark mode support: Label creation color picker now properly respects dark/light theme mode
- Compact selection indicator: Selection text in scan results now more compact - shows "X sel." with "(Y new)" only when there are new items, and "X available" instead of verbose text
Fixed
- Critical: OpenAEV atomic testing and scenarios not finding attack patterns: Fixed condition that checked for `platformEntities` instead of `openaevEntities`, causing attack pattern detection to always fail for OpenAEV-only scans
- Highlight hover conflicts: Mouse events on highlights now properly block native page hover behaviors using event capture and propagation stopping. Native title-attribute tooltips are temporarily suppressed when hovering on extension highlights
- Side panel user gesture errors: Console errors about `sidePanel.open()` requiring user gesture are now suppressed (logged as debug) when the panel is already open or being managed by the popup
- Number of injects field behavior: Input field now allows clearing and typing any value (like the duration field) with proper validation and error feedback
- Exercise duration field behavior: Input field now allows clearing, accepts values 1-2880 minutes (48 hours max), shows validation errors, and disables Generate button when invalid
- PDF images at wrong location: Fixed images being placed at the end of generated PDFs instead of their original position in the content. Images are now rendered inline where they appear in the document
- Empty PDF/HTML on React websites: Fixed content extraction returning empty results on React/SPA websites by adding multiple fallback extraction methods
- Labels loading error: Fixed "Unknown message type" error when loading labels in container form by adding missing `SEARCH_LABELS` handler in background script
- Back to actions link consistency: Entity overview screens now always show a "Back to actions" link for consistent navigation
- Label creation not adding to selection: Fixed label creation not properly adding newly created labels to the selected list
- XTM highlights in extracted content: Content extraction for PDF/HTML now removes XTM extension highlights before processing, ensuring clean output without colored spans
- Toast not showing in Edge: Rewrote toast notification system using Shadow DOM for complete isolation from page styles, ensuring consistent display across all browsers (Chrome, Firefox, Edge)
- Scan error infinite spinner: When scanning fails (e.g., connection error), the panel now properly shows "no results" instead of spinning forever
- Small screen selection bar layout: Selection indicator and buttons in scan results now properly maintain shape on small screens - text can wrap while buttons stay vertically centered with `flexShrink: 0` and `whiteSpace: nowrap`
Removed
- Debug logging: Removed all debug console.log statements from content script for cleaner production builds
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.11.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.11.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.11.zip | Load unpacked in edge://extensions/ |
v0.0.10
Filigran XTM Browser Extension v0.0.10
Fixed
- Split screen mode on macOS: Fixed native side panel not opening reliably on Chrome and Edge on macOS. The popup now opens the side panel immediately in user gesture context before sending scan messages, which is required by the Chrome sidePanel API
- Dual panel opening: Fixed both native side panel and floating iframe opening simultaneously in split screen mode. The content script now correctly skips iframe creation when split screen mode is enabled
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.10.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.10.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.10.zip | Load unpacked in edge://extensions/ |
v0.0.9
Filigran XTM Browser Extension v0.0.9
Added
- Cross-browser iframe compatibility: Floating panel now works correctly on Chrome, Firefox, and Edge with unified iframe loading approach using `requestAnimationFrame` for Edge compatibility
Changed
- Extension renamed: Extension name changed from "Filigran Threat Management" to "Filigran XTM" across all browsers for consistency
- Firefox split screen disabled: Split screen mode toggle is now visible but disabled on Firefox with explanation that it requires Chrome or Edge. Firefox uses the floating iframe panel exclusively
- Panel display mode always visible: The "Panel Display Mode" setting section is now shown on all browsers (previously hidden on Firefox), with clear indication when not supported
- Unified panel messaging: Consolidated panel message handling to use `FORWARD_TO_PANEL` exclusively in split screen mode, eliminating redundant message paths that caused state conflicts
Fixed
- Edge floating panel not loading: Fixed iframe content not loading on Edge browser due to timing issues with iframe src and DOM attachment
- Firefox floating panel: Removed Firefox sidebar action dependency - Firefox now uses the same floating iframe approach as Chrome/Edge for consistent cross-browser experience
- Edge scan never completing: Fixed race condition where panel messages were sent before iframe contentWindow was available
- Split screen mode highlight click: Fixed clicking on highlights in native side panel mode not showing entity overview - the `SCAN_RESULTS` message was overwriting the `SHOW_ENTITY` message due to a timing issue
- Split screen mode panel not opening: Fixed native side panel not opening when clicking on highlights with panel closed - panel functions now explicitly open the native side panel in split screen mode
- Split screen "Back to scan results" link: Fixed "Back to scan results" link not appearing when clicking highlights after closing the native side panel. The issue was caused by duplicate message paths (`SHOW_ENTITY` via `FORWARD_TO_PANEL` and `SHOW_ENTITY_PANEL` directly) where the second message overwrote the `fromScanResults` flag. Now only `FORWARD_TO_PANEL` is used for consistent state management
- Scan results restoration: When reopening the native side panel via highlight click, scan results are now properly restored from the message payload, allowing navigation back to results even after the panel was closed
- Edge tooltip rendering: Fixed highlight tooltips showing as empty black squares on Edge by using Shadow DOM for proper style isolation
Removed
- Removed verbose debug logging from panel.ts that was added during Edge troubleshooting
- Removed `visibility: hidden` from hidden panel CSS (was preventing Edge from loading iframe content)
- Removed redundant `SHOW_ENTITY_PANEL` message sends from highlight click handlers (now handled by `showPanel()` function)
Downloads
| Browser | File | Installation |
|---|---|---|
| Chrome | filigran-xtm-chrome-0.0.9.zip | Load unpacked in chrome://extensions/ |
| Firefox | filigran-xtm-firefox-0.0.9.zip | Load temporary add-on in about:debugging |
| Edge | filigran-xtm-edge-0.0.9.zip | Load unpacked in edge://extensions/ |