Introduction

A Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.

Why

It is common for security analysts and companies to share their research through Blogs, PDFs, CSV files, etc. IOC Parser makes this time-consuming process of extracting and aggregating Indicators of Compromise (IOCs) extremely easy through it's APIs.

Example

cURL
Python
Go
Javascript
cURL
curl --location --request POST 'https://api.iocparser.com/url' \
--header 'Content-Type: application/json' \
--data '{
"url": "https://blocklist.cyberthreatcoalition.org/vetted/domain.txt"
}'
Python
import requests
url = "https://api.iocparser.com/url"
payload = {
"url": "https://blocklist.cyberthreatcoalition.org/vetted/domain.txt"
}
headers = {
'Content-Type': 'application/json',
}
response = requests.request("POST", url, headers=headers, json = payload)
print(response.text.encode('utf8'))
Go
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.iocparser.com/url"
method := "POST"
payload := strings.NewReader("{\n \"url\": \"https://blocklist.cyberthreatcoalition.org/vetted/domain.txt\"\n}")
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
}
req.Header.Add("Content-Type", "application/json")
res, err := client.Do(req)
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
fmt.Println(string(body))
}
Javascript
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
var raw = JSON.stringify({"url":"https://blocklist.cyberthreatcoalition.org/vetted/domain.txt"});
var requestOptions = {
method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://api.iocparser.com/url", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));

IOC Types Supported

  • ASN

  • BITCOIN_ADDRESS

  • CVE

  • DOMAIN

  • EMAIL

  • FILE_HASH_MD5

  • FILE_HASH_SHA1

  • FILE_HASH_SHA256

  • IPv4

  • IPv6

  • MAC_ADDRESS

  • MITRE_ATT&CK

  • URL

  • YARA_RULE

IOC Types Planned

  • USER_AGENT

  • REGISTRY_KEY

  • PHONE_NUMBER