Extract Indicators of Compromise (IOCs) from unstructured text.

text2ioc

text2ioc extracts Indicators of Compromise (IoCs) from unstructured text such as articles, reports, logs, and threat-intelligence notes.

Install from PyPI:

pip install text2ioc

Usage

from text2ioc.ioc import extract_iocs

text = (
    "Download https://dpaste[.]com/9MQEJ6VYR.txt from 77.221.158[.]154 "
    "and contact ops[at]example.org."
)

iocs = extract_iocs(text)
print(iocs["url"])
print(iocs["ipv4"])
print(iocs["email"])

Expected output:

['https://dpaste[.]com/9MQEJ6VYR.txt']
['77.221.158[.]154']
['ops[at]example.org']
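
The expected output above shows that extracted values keep their defanging (`[.]`, `[at]`), so they need refanging and validation before they can be matched against telemetry or loaded into a blocklist. The following is an added example, not part of text2ioc or its README: `refang`, `normalize_iocs` and `SAMPLE` are hypothetical names, the input is constructed in the shape of the output shown above, and the `hxxp`, `(.)`, `[dot]` and `[@]` conventions are assumptions beyond what the page shows.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# "[.]" and "[at]" appear in the README output; the other defanging
# conventions handled here are assumptions about other inputs.
_DOT = re.compile(r"\[\.\]|\(\.\)|\[dot\]", re.IGNORECASE)
_AT = re.compile(r"\[at\]|\[@\]", re.IGNORECASE)
_SCHEME = re.compile(r"^hxxp(s?)://", re.IGNORECASE)

def refang(value: str) -> str:
    """Undo defanging so the indicator can be matched against real telemetry."""
    value = _DOT.sub(".", value)
    value = _AT.sub("@", value)
    return _SCHEME.sub(lambda m: "http" + m.group(1).lower() + "://", value)

def _valid(kind: str, value: str) -> bool:
    """Strict per-type validation; unknown kinds pass through unchanged."""
    if kind == "ipv4":
        try:
            return isinstance(ipaddress.ip_address(value), ipaddress.IPv4Address)
        except ValueError:
            return False
    if kind == "url":
        parts = urlsplit(value)
        return parts.scheme in ("http", "https") and bool(parts.hostname)
    if kind == "email":
        local, _, domain = value.partition("@")
        return bool(local) and "." in domain
    return True

def normalize_iocs(iocs: dict[str, list[str]]) -> dict[str, list[str]]:
    """Refang, validate and de-duplicate each list, preserving first-seen order."""
    out: dict[str, list[str]] = {}
    for kind, values in iocs.items():
        seen: dict[str, None] = {}
        for raw in values:
            clean = refang(raw.strip())
            if _valid(kind, clean):
                seen.setdefault(clean, None)
        out[kind] = list(seen)
    return out

# Constructed input in the shape shown in the README's expected output.
SAMPLE = {
    "url": ["https://dpaste[.]com/9MQEJ6VYR.txt", "hxxps://dpaste[.]com/9MQEJ6VYR.txt"],
    "ipv4": ["77.221.158[.]154", "77.221.158[.]999"],
    "email": ["ops[at]example.org"],
}
```

Entries that fail validation after refanging (here the out-of-range octet) are dropped rather than passed downstream, and the two spellings of the same URL collapse to one.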

Public API

  • extract_iocs(text: str) -> dict[str, list[str]]
  • get_tld_set_from_public_suffix_list() -> set[str]
  • post_filter_false_positives(entries, kind, text=None) -> list[str]
  • _is_unlikely_linux_path(path: str) -> bool
  • _find_invalid_occurrences(text: str, sub: str) -> bool

Development

  • Python 3.10+
  • Rust stable toolchain installed with rustup
  • maturin

Local toolchain setup:

curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal
pip3 install --user -r requirements_dev.txt

Local development

Build the native module into your active Python environment:

maturin develop --release

Run the test suite:

pytest

Run coverage:

coverage run --source text2ioc -m pytest
coverage report --show-missing --fail-under=95

Tox

tox

CI and packaging

  • Tests run on Linux, macOS, and Windows.
  • Coverage is still checked in CI.
  • Wheels and sdist are built with maturin-action.
  • The distributed package name is text2ioc and the import package remains text2ioc.

Download files

Source Distribution

  • text2ioc-0.1.2.tar.gz (30.6 kB): Source

Built Distributions

  • text2ioc-0.1.2-cp310-abi3-win_amd64.whl (767.7 kB): CPython 3.10+, Windows x86-64
  • text2ioc-0.1.2-cp310-abi3-manylinux_2_28_x86_64.whl (1.0 MB): CPython 3.10+, manylinux: glibc 2.28+ x86-64
  • text2ioc-0.1.2-cp310-abi3-macosx_11_0_arm64.whl (863.0 kB): CPython 3.10+, macOS 11.0+ ARM64
  • text2ioc-0.1.2-cp310-abi3-macosx_10_12_x86_64.whl (910.2 kB): CPython 3.10+, macOS 10.12+ x86-64

File details

Details for the file text2ioc-0.1.2.tar.gz.

File metadata

  • Download URL: text2ioc-0.1.2.tar.gz
  • Size: 30.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for text2ioc-0.1.2.tar.gz
Algorithm Hash digest
SHA256 1d6f3e75839778a66009ec2f91941ae2f44cac25b7225dc57796a87865f60e79
MD5 d8917fd483a317c48c3ee31b0cba98ee
BLAKE2b-256 74a2f74f3f7d0048e17cef599fbce6c73e0a782c779ce3dc6d2edac1fb9c33c6

Provenance

The following attestation bundles were made for text2ioc-0.1.2.tar.gz:

Publisher: wheels.yml on juanmcristobal/text2ioc

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file text2ioc-0.1.2-cp310-abi3-win_amd64.whl.

File metadata

  • Download URL: text2ioc-0.1.2-cp310-abi3-win_amd64.whl
  • Size: 767.7 kB
  • Tags: CPython 3.10+, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for text2ioc-0.1.2-cp310-abi3-win_amd64.whl
Algorithm Hash digest
SHA256 cdc8f665f79be4a84f9a3663913eeae73664b569ab6d8a5e1982fd098495e0dc
MD5 1bff72c1287ddea3e065fd3aef963ae8
BLAKE2b-256 5bfb486c7b0cac6be16e98f9bd8ef952f2b17b8b4b34f4082cf1f3ef42646a4d

Provenance

The following attestation bundles were made for text2ioc-0.1.2-cp310-abi3-win_amd64.whl:

Publisher: wheels.yml on juanmcristobal/text2ioc

File details

Details for the file text2ioc-0.1.2-cp310-abi3-manylinux_2_28_x86_64.whl.

File hashes

Hashes for text2ioc-0.1.2-cp310-abi3-manylinux_2_28_x86_64.whl
Algorithm Hash digest
SHA256 50530b5276123988fbe9d30918bd791136cf86b10a891b128289fd5bf32c4e3e
MD5 ecfd585c1db7a5535659f08335d95b56
BLAKE2b-256 8155b42959496ee5bd9ea7d37c017849ed3630081b6d7f8819c1ad358f20db5a

Provenance

The following attestation bundles were made for text2ioc-0.1.2-cp310-abi3-manylinux_2_28_x86_64.whl:

Publisher: wheels.yml on juanmcristobal/text2ioc

File details

Details for the file text2ioc-0.1.2-cp310-abi3-macosx_11_0_arm64.whl.

File hashes

Hashes for text2ioc-0.1.2-cp310-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 9f3e161f57fe801d0016425b40cf7af5cf89043f939027beac39a9b066f12889
MD5 1f5f08bd4683d9341df663c75ceba2d4
BLAKE2b-256 09d7f2b3c2d5fb8d24ae4623119d19210db3a5ab6189f75a47f8c346ade9c0a6

Provenance

The following attestation bundles were made for text2ioc-0.1.2-cp310-abi3-macosx_11_0_arm64.whl:

Publisher: wheels.yml on juanmcristobal/text2ioc

File details

Details for the file text2ioc-0.1.2-cp310-abi3-macosx_10_12_x86_64.whl.

File hashes

Hashes for text2ioc-0.1.2-cp310-abi3-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 733a767aa9e7c4e416b14ffb276a8d4e02e969f01e2aa298ffab8acb0c0f7650
MD5 cf3e1e9ccbdaaae693f90e71e46a4c73
BLAKE2b-256 b542ce3cb573146391090507fd0aed9cf39828bcbc6d089139acd21008a89c74

Provenance

The following attestation bundles were made for text2ioc-0.1.2-cp310-abi3-macosx_10_12_x86_64.whl:

Publisher: wheels.yml on juanmcristobal/text2ioc
