
iocextract

A library and command line interface for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora.


iocextract Description

Indicator of Compromise (IOC) extractor for some of the most commonly ingested artifacts.

Overview

The iocextract package is a library and command line interface (CLI) for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora. It allows you to extract encoded and "defanged" IOCs and optionally decode or refang them.

The Problem

It is common practice for malware analysts or endpoint software to "defang" IOCs such as URLs and IP addresses, in order to prevent accidental exposure to live malicious content. Being able to extract and aggregate these IOCs is often valuable for analysts. Unfortunately, existing "IOC extraction" tools often pass right by them, as they are not caught by standard regex. For example, the simple defanging technique of surrounding periods with brackets:

127[.]0[.]0[.]1

Existing tools that use a simple IP address regex will ignore this IOC entirely.

Our Solution

By combining specially crafted regex with some careful consideration of the problem, we can effectively extract these IOCs.

iocextract FAQ


iocextract is a library and command line interface for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora. It is a Threat Management solution designed to help security teams with IOC, Regex.


ALTERNATIVES

Hudson Rock Cybercrime Intelligence Tools
Cybercrime intelligence tools for searching compromised credentials from infostealers

CybersecRadars
Cybersecurity market intelligence platform for tracking competitors & funding.

Cybersec Feeds
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.

OSINTLeak Real-time OSINT Leak Intelligence
Real-time OSINT monitoring for leaked credentials, data, and infrastructure

CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
