Features
IOC Parser provides the following features:
IOC Parser
Extract Indicators of Compromise (IOCs) from a variety of sources, such as security blogs, PDF reports, CSV, text files, zipped files, raw text dumps, JSON text, etc.
Supports extracting a variety of IOC types, such as ASN, BITCOIN_ADDRESS, CVE, DOMAIN, EMAIL, FILE_HASH_MD5, FILE_HASH_SHA1, FILE_HASH_SHA256, IPv4, IPv6, MAC_ADDRESS, MITRE_ATT&CK, URL, YARA_RULE.
Supports extraction of defanged IOCs.
Supports multiple Encoding Types.
Supports extraction of metadata.
Supports default WHITELIST.
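To make the feature list concrete, here is an added example (not IOC Parser's own code) of how refanging, typed extraction, hash de-duplication and a default whitelist fit together. The function names, regex patterns, whitelist contents and the sample report are all my own constructions; the sample uses only reserved documentation values (192.0.2.0/24, example-style domains, the MD5/SHA256 of an empty string), not real indicators.

```python
import re
from typing import Dict, List, Set

# Constructed sample, written the way a security blog defangs indicators.
# Every value is a reserved/documentation example, not a real IOC.
SAMPLE_REPORT = """
The dropper was fetched from hxxps://evil-example[.]com/stage2/payload.bin and then
beaconed to 192[.]0[.]2[.]45 over TLS. The exploit abused CVE-2021-44228.
Operator mailbox: ops[@]evil-example[.]com
Related infrastructure: cdn.evil-example[.]net.
MD5:    d41d8cd98f00b204e9800998ecf8427e
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Benign traffic to www.google.com was also observed and should be ignored.
"""

# Refang rules: map common defanging conventions back to literal characters.
REFANG_RULES = [
    (re.compile(r"hxxp(s?)://", re.IGNORECASE), r"http\1://"),
    (re.compile(r"\[\.\]|\(\.\)|\{\.\}|\[dot\]", re.IGNORECASE), "."),
    (re.compile(r"\[@\]|\[at\]", re.IGNORECASE), "@"),
    (re.compile(r"\[:\]"), ":"),
]

def refang(text: str) -> str:
    """Return text with defanged IOCs restored to their normal form."""
    for pattern, replacement in REFANG_RULES:
        text = pattern.sub(replacement, text)
    return text

# Extraction patterns, in evaluation order. Hash patterns rely on \b so a
# 64-hex SHA256 is not also reported as an MD5 or SHA1 substring.
PATTERNS = {
    "URL": re.compile(r"\bhttps?://[^\s\"'<>]+", re.IGNORECASE),
    "EMAIL": re.compile(r"\b[\w.+-]+@(?:[\w-]+\.)+[A-Za-z]{2,}\b"),
    "IPv4": re.compile(r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"),
    "CVE": re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.IGNORECASE),
    "FILE_HASH_SHA256": re.compile(r"\b[a-fA-F0-9]{64}\b"),
    "FILE_HASH_SHA1": re.compile(r"\b[a-fA-F0-9]{40}\b"),
    "FILE_HASH_MD5": re.compile(r"\b[a-fA-F0-9]{32}\b"),
    # DOMAIN runs last, on text with URLs and e-mails already blanked out, so
    # hosts inside those are not double-reported and "payload.bin" is not a domain.
    "DOMAIN": re.compile(r"\b(?:[A-Za-z0-9-]+\.)+[A-Za-z]{2,}\b"),
}

# Hypothetical default whitelist: hosts that are never worth reporting.
DEFAULT_WHITELIST: Set[str] = {"google.com", "microsoft.com"}

def _host(ioc_type: str, value: str) -> str:
    """Return the host part of a URL, e-mail or domain for whitelist checks."""
    if ioc_type == "URL":
        rest = re.sub(r"^https?://", "", value, flags=re.IGNORECASE)
        return rest.split("/")[0].split(":")[0].lower()
    if ioc_type == "EMAIL":
        return value.rsplit("@", 1)[1].lower()
    return value.lower()

def _whitelisted(host: str, whitelist: Set[str]) -> bool:
    """True if the host or any parent domain is whitelisted (www.google.com -> google.com)."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in whitelist for i in range(len(labels) - 1))

def extract_iocs(text: str, whitelist: Set[str] = DEFAULT_WHITELIST) -> Dict[str, List[str]]:
    """Refang, extract every IOC type in PATTERNS, apply the whitelist, de-duplicate."""
    clean = refang(text)
    results: Dict[str, List[str]] = {}
    for ioc_type, pattern in PATTERNS.items():
        seen: List[str] = []
        for match in pattern.finditer(clean):
            value = match.group(0).rstrip(".,;)")
            if ioc_type in ("URL", "EMAIL", "DOMAIN") and _whitelisted(_host(ioc_type, value), whitelist):
                continue
            if value not in seen:
                seen.append(value)
        if seen:
            results[ioc_type] = seen
        if ioc_type in ("URL", "EMAIL"):
            clean = pattern.sub(" ", clean)  # blank so DOMAIN does not re-match their hosts
    return results

def defanged_values(text: str) -> Set[str]:
    """Extracted values that only became visible after refanging."""
    extracted = extract_iocs(text)
    return {v for values in extracted.values() for v in values if v not in text}

if __name__ == "__main__":
    for ioc_type, values in extract_iocs(SAMPLE_REPORT).items():
        print(f"{ioc_type}: {values}")
```

Two design points worth noting: the whitelist check walks parent domains, so a single entry for google.com also suppresses www.google.com; and blanking URLs and e-mails before the DOMAIN pass is a deliberate choice that keeps the host of a reported URL from appearing a second time as a bare domain.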
IOC Sources
WIP - Ingest aggregated Sources to understand what kinds of attacks are trending in the wild.
IOC Intel
WIP - Ingest extra Intel about IOCs to gain a deeper understanding about the threats.