IOC Parser Logo

IOC Parser

0
Free
Visit Website

IOC Parser is a tool to extract indicators of compromise from security reports in PDF format. A good collection of APT related reports with many IOCs can be found here: APTNotes. Usage: iocp [-h] [-p INI] [-i FORMAT] [-o FORMAT] [-d] [-l LIB] FILE FILE: File/directory path to report(s) -p INI: Pattern file -i FORMAT: Input format (pdf/txt/html) -o FORMAT: Output format (csv/json/yara) -d: Deduplicate matches -l LIB: Parsing library Installation: pip install ioc_parser Requirements: One of the following PDF parsing libraries: - PyPDF2: pip install pypdf2 - pdfminer: pip install pdfminer For HTML parsing support: - BeautifulSoup: pip install beautifulsoup4 For HTTP(S) support: - requests: pip install requests

FEATURES

ALTERNATIVES

Tool for managing Yara rules on VirusTotal

A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.

Collection of YARA signatures from recent malware research.

Maldatabase is a threat intelligence platform providing malware datasets and threat intelligence feeds for malware data science and threat intelligence.

Provides advanced external threat intelligence to help organizations proactively identify and mitigate potential security threats.

A collection of YARA rules for research and hunting purposes.

A project that detects malicious SSL connections by identifying and blacklisting SSL certificates used by botnet C&C servers and identifying JA3 fingerprints to detect and block malware botnet C&C communication.

Cyber Intelligence Management Platform with threat tracking, forensic artifacts, and YARA rule storage.

PINNED