https://github.com/fhightower/ioc-finder

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
https://github.com/fhightower/ioc-finder

cidr-range cidr-ranges grammar-parser grammars hacktoberfest indicators-of-compromise ioc-finder iocs ipv4 malware-analysis malware-research network-data observable parse-urls threat-hunting threat-intelligence threat-sharing threatintel

Last synced: about 1 year ago
JSON representation

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/

• Host: GitHub
• URL: https://github.com/fhightower/ioc-finder
• Owner: fhightower
• License: lgpl-3.0
• Created: 2018-01-25T11:01:10.000Z (over 8 years ago)
• Default Branch: main
• Last Pushed: 2023-11-16T11:19:09.000Z (over 2 years ago)
• Last Synced: 2025-04-13T01:08:49.028Z (about 1 year ago)
• Topics: cidr-range, cidr-ranges, grammar-parser, grammars, hacktoberfest, indicators-of-compromise, ioc-finder, iocs, ipv4, malware-analysis, malware-research, network-data, observable, parse-urls, threat-hunting, threat-intelligence, threat-sharing, threatintel
• Language: Python
• Homepage:
• Size: 1.35 MB
• Stars: 164
• Watchers: 6
• Forks: 42
• Open Issues: 54
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • Contributing: CONTRIBUTING.rst
  • License: COPYING

Awesome Lists containing this project

README

          
# IOC Finder

[![PyPi](https://img.shields.io/pypi/v/ioc_finder.svg)](https://pypi.python.org/pypi/ioc_finder)

![PyPI - Downloads](https://img.shields.io/pypi/dm/ioc-finder)

[![CI](https://github.com/fhightower/ioc-finder/workflows/CI/badge.svg)](https://github.com/fhightower/ioc-finder/actions)

[![Lint](https://github.com/fhightower/ioc-finder/workflows/Lint/badge.svg)](https://github.com/fhightower/ioc-finder/actions)

[![codecov](https://codecov.io/gh/fhightower/ioc-finder/branch/master/graph/badge.svg)](https://codecov.io/gh/fhightower/ioc-finder)

[![License: LGPL v3](https://img.shields.io/badge/License-LGPL%20v3-blue.svg)](https://choosealicense.com/licenses/lgpl-3.0/)

[![live demo](https://img.shields.io/badge/live%20demo-%E2%86%92-green)](https://hightower.space/ioc-finder/)

Parse [indicators of compromise](https://searchsecurity.techtarget.com/definition/Indicators-of-Compromise-IOC) (also known as "observables" or "network data" - e.g. urls, email addresses, etc) from text.

📖 [Documentation](https://hightower.space/ioc-finder) (it's interactive!)

💪 I'm looking for [sponsorship](https://github.com/sponsors/fhightower) for this project.

I have a number of improvements and helpful features I'd like to add and would appreciate some support as I invest this time and focus.

If you use this project for in a commercial capacity and/or find it useful, please consider [contributing](https://github.com/sponsors/fhightower) even a small amount. Thanks!