Skip to content
/ iocee Public

A small tool to automatically extract possible IOCs from streams of text data. Useful in conjunction with our bloom tool to identify IOCs.

License

View license
3 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DCSO/iocee

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
data_types
data_types
 
 
iocee
iocee
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
iocee.go
iocee.go
 
 
iocee_test.go
iocee_test.go
 
 

Repository files navigation

IOCee

Extract potential IOCs from unstructured text

GoDoc Build Status

IOCee is a simple tool that reads a stream of text from standard input and searches for potential IOC values in it. When it encounters a value that could be an IOC (e.g. a domain name, IP address, URL or hash) it generates all potential variations of it and prints each of them on a separate line. The output data can then be used with other tools such as bloom, which expect one value per line.

Usage

To extract IOCs from a file:

cat filename.txt | iocee

To interactively extract IOCs (useful for testing):

iocee --interactive

Installation & Usage

To install the command line tool:

make install

To run the tests:

make test

About

A small tool to automatically extract possible IOCs from streams of text data. Useful in conjunction with our bloom tool to identify IOCs.

Resources

Readme

License

View license
Activity
Custom properties

Stars

3 stars

Watchers

5 watching

Forks

2 forks
Report repository

Releases 1

v0.1.0 Latest
Jun 27, 2017

Packages

 
 
 

Contributors 3

  •  
  •  
  •  

Languages