IOC Parser is a tool to extract indicators of compromise from security reports in PDF format. A good collection of APT related reports with many IOCs can be found here: APTNotes. Usage: iocp [-h] [-p INI] [-i FORMAT] [-o FORMAT] [-d] [-l LIB] FILE FILE: File/directory path to report(s) -p INI: Pattern file -i FORMAT: Input format (pdf/txt/html) -o FORMAT: Output format (csv/json/yara) -d: Deduplicate matches -l LIB: Parsing library Installation: pip install ioc_parser Requirements: One of the following PDF parsing libraries: - PyPDF2: pip install pypdf2 - pdfminer: pip install pdfminer For HTML parsing support: - BeautifulSoup: pip install beautifulsoup4 For HTTP(S) support: - requests: pip install requests
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
Aggregates security threats from online sources and outputs to various formats.
An IOC tracker written in Python that queries Google Custom Search Engines for various cybersecurity indicators and monitors domain status using Google Safe Browsing APIs.
The Web's Largest Community Tracking Online Fraud & Abuse
Proof-of-concept implementation of TAXII services for developers and non-developers.
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
GCTI's open-source detection signatures for malware and threat detection