Cacador is a tool for extracting common indicators of compromise from a block of text. The easiest way to get cacador is to download the latest release for your platform. Compiling Cacador: Install golang go get github.com/sroberts/cacador Compile with go build Running: Run with ./cacador. It accepts text from stdin and writes a JSON blob of IOCs to stdout. For example: cat text.txt | ./cacador | import where text is some IOC rich text and import pushes your new IOCs into your threat management system. Cacador does recognize two command line flags: - comment="Foo" which makes it possible to leave a note as metadata. - tags="Foo, bar, baz" which adds tags. Generating a new release: Install goreleaser via go get github.com/goreleaser/goreleaser. Push your branch to GitHub. Tag it via git tag -a v1.0.3 -m "Release 1.0.3 - Minor bugfix edition." Push the tag to GitHub via git push origin v1.0.3 Ensure you have a GITHUB_TOKEN env var set. Run goreleaser. Why? Other tools for doing indicator extraction are pretty awesome (like armbues/ioc_parser or sroberts/jager), but what's nice about cacador is you can use it to extract IOCs from text files.
FEATURES
ALTERNATIVES
A tool for discovering open S3 Buckets starting from a domain using various techniques such as crawling and DNS crawling.
Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.
A collection of PCAPs for ICS/SCADA utilities and protocols with the option for users to contribute.
A multi-threaded intrusion detection system using Yara for network and stream IDS
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.