Cacador Logo

Cacador

0
Free
Visit Website

Cacador is a tool for extracting common indicators of compromise from a block of text. The easiest way to get cacador is to download the latest release for your platform. Compiling Cacador: Install golang go get github.com/sroberts/cacador Compile with go build Running: Run with ./cacador. It accepts text from stdin and writes a JSON blob of IOCs to stdout. For example: cat text.txt | ./cacador | import where text is some IOC rich text and import pushes your new IOCs into your threat management system. Cacador does recognize two command line flags: - comment="Foo" which makes it possible to leave a note as metadata. - tags="Foo, bar, baz" which adds tags. Generating a new release: Install goreleaser via go get github.com/goreleaser/goreleaser. Push your branch to GitHub. Tag it via git tag -a v1.0.3 -m "Release 1.0.3 - Minor bugfix edition." Push the tag to GitHub via git push origin v1.0.3 Ensure you have a GITHUB_TOKEN env var set. Run goreleaser. Why? Other tools for doing indicator extraction are pretty awesome (like armbues/ioc_parser or sroberts/jager), but what's nice about cacador is you can use it to extract IOCs from text files.

FEATURES

ALTERNATIVES

Akamai Enterprise Application Access is a ZTNA solution that provides secure, identity-based access to private applications without exposing the network.

Simple perl script for making Modbus transactions from the command line.

A tool for discovering open S3 Buckets starting from a domain using various techniques such as crawling and DNS crawling.

DNS spoofer tool for redirecting DNS lookup requests.

Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.

A low interaction Python honeypot designed to mimic various services and ports to attract attackers and log access attempts.

AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.

Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.