This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Extracts indicators of compromise (IOCs), including domain names, IPv4 addresses, email addresses, and hashes, from text.

Project Description

extract_iocs is a Python module that extracts indicators of compromise (IOCs), including domain names, IPv4 addresses, email addresses, and hashes, from text. It uses some huge and ugly regexes, has special handling to identify domain names with a relatively low false-positive rate, and does some magic to try to extract IOCs across line breaks.

This script was inspired by and initially based on Stephen Brannon’s IOCextractor (https://github.com/stephenbrannon/IOCextractor), but turned into a complete rewrite. extract_iocs provides no GUI and does not support any kind of analyst workflow. It is intended to be used for triage or automation purposes where a relatively high FP rate (as well as the occational false negative) are acceptable.

Release History

Release History

This version
History Node

2.0.1

History Node

2.0.0

History Node

1.0.0

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
extract_iocs-2.0.1.tar.gz (8.2 kB) Copy SHA256 Checksum SHA256 Source Jul 27, 2016

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting