Cacador

Free

Cacador is a tool for extracting common indicators of compromise from a block of text. The easiest way to get cacador is to download the latest release for your platform.

Compiling Cacador:

1. Install golang
2. go get github.com/sroberts/cacador
3. Compile with go build

Running:

Run with ./cacador. It accepts text from stdin and writes a JSON blob of IOCs to stdout. For example:

    cat text.txt | ./cacador | import

where text is some IOC rich text and import pushes your new IOCs into your threat management system.

Cacador does recognize two command line flags:

- comment="Foo" which makes it possible to leave a note as metadata.
- tags="Foo, bar, baz" which adds tags.

Generating a new release:

1. Install goreleaser via go get github.com/goreleaser/goreleaser.
2. Push your branch to GitHub.
3. Tag it via git tag -a v1.0.3 -m "Release 1.0.3 - Minor bugfix edition."
4. Push the tag to GitHub via git push origin v1.0.3
5. Ensure you have a GITHUB_TOKEN env var set.
6. Run goreleaser.

Why?

Other tools for doing indicator extraction are pretty awesome (like armbues/ioc_parser or sroberts/jager), but what's nice about cacador is you can use it to extract IOCs from text files.

ALTERNATIVES

Scan the internet for publicly exposed network components

A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.

A tool for enumerating subdomains of a given domain

LinkLiar is a status menu app for spoofing MAC addresses to enhance privacy on MacBook.

NBD is a user-space network protocol for sharing block devices over a network, allowing clients to access block devices on a server as if they were local.

Mass IP port scanner for Internet-scale scanning with high speed and flexibility.

Prisma SASE is a cloud-delivered service integrating network security, SD-WAN, and user experience management for comprehensive protection and optimization of hybrid work environments.

Open-source set of libraries and drivers to accelerate network performance.
