Cacador

Free

Cacador is a tool for extracting common indicators of compromise from a block of text. The easiest way to get cacador is to download the latest release for your platform.

Compiling Cacador:

- Install golang
- go get github.com/sroberts/cacador
- Compile with go build

Running:

Run with ./cacador. It accepts text from stdin and writes a JSON blob of IOCs to stdout. For example:

    cat text.txt | ./cacador | import

where text is some IOC-rich text and import pushes your new IOCs into your threat management system.

Cacador does recognize two command line flags:

- -comment="Foo" which makes it possible to leave a note as metadata.
- -tags="Foo, bar, baz" which adds tags.

Generating a new release:

- Install goreleaser via go get github.com/goreleaser/goreleaser.
- Push your branch to GitHub.
- Tag it via git tag -a v1.0.3 -m "Release 1.0.3 - Minor bugfix edition."
- Push the tag to GitHub via git push origin v1.0.3
- Ensure you have a GITHUB_TOKEN env var set.
- Run goreleaser.

Why?

Other tools for doing indicator extraction are pretty awesome (like armbues/ioc_parser or sroberts/jager), but what's nice about cacador is you can use it to extract IOCs from text files.

ALTERNATIVES

A tool for discovering open S3 Buckets starting from a domain using various techniques such as crawling and DNS crawling.

A simple tool to take screenshots of HTTPS websites

Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.

A Hadoop library for reading and querying PCAP files

A collection of PCAPs for ICS/SCADA utilities and protocols with the option for users to contribute.

A multi-threaded intrusion detection system using Yara for network and stream IDS

CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.

A fast and multi-purpose DNS toolkit for DNS reconnaissance and testing