ioc_parser
ioc_parser copied to clipboard
armbues
Tool to extract indicators of compromise from security reports in PDF format
- Code layout changes (PEP-8 coding style) - Python 3 compatibility - Parser class initialization refactoring - Compile the regexps with the IGNORECASE flag
Any thoughts on ocr parsing iocs from images embedded within pdfs?
I have a pdf document which includes an aol email address in the following format Sample: abcd[.]aol[.]com I am running the iocp parser without any options/flags and I see the...
Suggestions: - At line #43 : https://github.com/armbues/ioc_parser/blob/master/iocp.py#L43 - Replace with: ``` python try: from StringIO import StringIO except ImportError: from io import StringIO ``` - pdfminer doesn't support python3, so...
[Reference](https://en.wikipedia.org/wiki/Reserved_IP_addresses) ``` self.reserved_address_ranges = [ ['0.0.0.0', 8, 'Broadcast messages to the current (this)'], ['10.0.0.0', 8, 'Local communication in private network'], ['100.64.0.0', 10, 'carrier-grade NAT'], ['127.0.0.0', 8, 'Local Loopback'], ['169.254.0.0', 16,...
link : https://securelist.com/files/2016/07/The-ProjectSauron-APT_IOCs_KL.pdf not extract ip c2 and got errors on masked c2 example: asrgd-uz%d.weedns[.]com (mask)
