Skip to content
/ ioc_parser Public
forked from LDO-CERT/ioc_parser

Tool to extract indicators of compromise from security reports in PDF format

License

MIT license
0 stars 170 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

vxsh4d0w/ioc_parser

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
whitelists
whitelists
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ioc-parser.py
ioc-parser.py
 
 
output.py
output.py
 
 
patterns.ini
patterns.ini
 
 
whitelist.py
whitelist.py
 
 

Repository files navigation

ioc-parser

IOC Parser is a tool to extract indicators of compromise from security reports in PDF format. A good collection of APT related reports with many IOCs can be found here: APTNotes.

Usage

ioc-parser.py [-h] [-p INI] [-f FORMAT] [-d] [-l LIB] PDF

  • PDF File/directory path to PDF report(s)
  • -p INI Pattern file
  • -f FORMAT Output format (csv/json/yara)
  • -d Deduplicate matches
  • -l LIB Parsing library

Requirements

One of the following PDF parsing libraries:

About

Tool to extract indicators of compromise from security reports in PDF format

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%