Thanks to visit codestin.com
Credit goes to github.com

Skip to content
/ ioc_parser Public

Tool to extract indicators of compromise from security reports in PDF format

License

MIT license
439 stars 173 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

armbues/ioc_parser

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

68 Commits
bin
bin
 
 
iocp
iocp
 
 
.gitignore
.gitignore
 
 
LICENSE.txt
LICENSE.txt
 
 
MANIFEST.in
MANIFEST.in
 
 
README.md
README.md
 
 
__init__.py
__init__.py
 
 
requirements.txt
requirements.txt
 
 
setup.cfg
setup.cfg
 
 
setup.py
setup.py
 
 

Repository files navigation

ioc-parser

IOC Parser is a tool to extract indicators of compromise from security reports in PDF format. A good collection of APT related reports with many IOCs can be found here: APTNotes.

Usage

iocp [-h] [-p INI] [-i FORMAT] [-o FORMAT] [-d] [-l LIB] FILE

  • FILE File/directory path to report(s)
  • -p INI Pattern file
  • -i FORMAT Input format (pdf/txt/html)
  • -o FORMAT Output format (csv/json/yara)
  • -d Deduplicate matches
  • -l LIB Parsing library

Installation

pip install ioc_parser

Requirements

One of the following PDF parsing libraries:

For HTML parsing support:

For HTTP(S) support:

About

Tool to extract indicators of compromise from security reports in PDF format

Resources

Readme

License

MIT license
Activity

Stars

439 stars

Watchers

51 watching

Forks

173 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 7

Languages