IOC Parser Logo

IOC Parser

0
Free
Visit Website

IOC Parser is a tool to extract indicators of compromise from security reports in PDF format. A good collection of APT related reports with many IOCs can be found here: APTNotes. Usage: iocp [-h] [-p INI] [-i FORMAT] [-o FORMAT] [-d] [-l LIB] FILE FILE: File/directory path to report(s) -p INI: Pattern file -i FORMAT: Input format (pdf/txt/html) -o FORMAT: Output format (csv/json/yara) -d: Deduplicate matches -l LIB: Parsing library Installation: pip install ioc_parser Requirements: One of the following PDF parsing libraries: - PyPDF2: pip install pypdf2 - pdfminer: pip install pdfminer For HTML parsing support: - BeautifulSoup: pip install beautifulsoup4 For HTTP(S) support: - requests: pip install requests

FEATURES

ALTERNATIVES

eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.

A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.

A collection of YARA rules for Windows, Linux, and Other threats.

Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.

A repository of cybersecurity datasets and tools curated by @sooshie.

C# wrapper around Yara pattern matching library with Loki and Yara signature support.

A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.

Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.

PINNED