Email Regex Needs some Love
"emails": [
"W32.MyDoom@mm",
"[email protected]",
"[email protected]"
]
Needs to be better. W32.MyDoom@mm is not an email.
How specific do we want to be with domains? Do we want to list all valid TLDs (ugh!) or just accept anything that has at least two parts in the domain segment?
so having run into this a bunch of time I think we honestly want a full list. That's a pain, but honestly it's so much more accurate. Otherwise I get all kinds of funny outputs.
I don't disagree - just thinking through the implications of whichever course of action (both are valid in different ways).
So we'll probably want a script that updates a TLD data file to run weekly. It's not hard at all but will be important.
oh hey https://github.com/icann/uniaccept-python is what we need.
I welcome your PR. :smirk:
already working on it!
:metal:
This shouldn't be a function of jager per se but should be handled in utilitybelt.
I don't know if you guys killed off this project but python-iocextract should help with most of your extraction issues https://github.com/InQuest/python-iocextract
@deadbits I haven't, but also haven't done much with it either. I've been focused more on Cacador.
Gotcha. In that case you have no need for our iocextract project :) looks like you have it covered. But ofc if you need to take some ideas from the project feel free to.
Great work on Cacador too. First time use today 👌