Introduction

A Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.

Why

It is common for security analysts and companies to share their research through Blogs, PDFs, CSV files, etc. IOC Parser makes the time-consuming process of extracting and aggregating Indicators of Compromise (IOCs) extremely easy through its APIs.

Example

cURL
Python
Go
Javascript
cURL
curl --location --request POST 'https://api.iocparser.com/url' \
--header 'Content-Type: application/json' \
--data '{
"url": "https://blocklist.cyberthreatcoalition.org/vetted/domain.txt"
}'
Python
import requests
url = "https://api.iocparser.com/url"
payload = {
"url": "https://blocklist.cyberthreatcoalition.org/vetted/domain.txt"
}
headers = {
'Content-Type': 'application/json',
}
response = requests.request("POST", url, headers=headers, json = payload)
print(response.text.encode('utf8'))
Go
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.iocparser.com/url"
method := "POST"
payload := strings.NewReader("{\n \"url\": \"https://blocklist.cyberthreatcoalition.org/vetted/domain.txt\"\n}")
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
}
req.Header.Add("Content-Type", "application/json")
res, err := client.Do(req)
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
fmt.Println(string(body))
}
Javascript
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
var raw = JSON.stringify({"url":"https://blocklist.cyberthreatcoalition.org/vetted/domain.txt"});
var requestOptions = {
method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://api.iocparser.com/url", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));

IOC Types Supported

  • ASN

  • BITCOIN_ADDRESS

  • CVE

  • DOMAIN

  • EMAIL

  • FILE_HASH_MD5

  • FILE_HASH_SHA1

  • FILE_HASH_SHA256

  • IPv4

  • IPv6

  • MAC_ADDRESS

  • MITRE_ATT&CK

  • URL

  • YARA_RULE

IOC Types Planned

  • USER_AGENT

  • REGISTRY_KEY

  • PHONE_NUMBER