🛠️ Lightweight CLI tool to extract IOCs (Indicators of Compromise) from raw log files. Supports IP addresses, domains, URLs, and common hash formats. Ideal for beginner SOC analysts and automation scripting.

HellCatLabs/ioc-extractor-lite


ioc-extractor-lite

🛠️ Your mission: Build a simple Python script that extracts IOCs from a raw log file.

🧪 What you'll detect

  • IP addresses (IPv4)
  • Domain names
  • URLs (http/https)
  • File hashes (MD5, SHA1, SHA256)

🚀 Instructions

  1. Check the file: logs/sample.log
  2. Use the Python script: extractor.py
  3. Use regex to extract IOCs from the file
  4. Print the results in a clean format (optional: sort or deduplicate them)

Need help? Check DONOTREADME.md (but only if you're stuck 😉)
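
One way to approach steps 3 and 4, as an added example that is not the repository's extractor.py or the solution in DONOTREADME.md. The regex patterns, the `FILE_EXTS` denylist, the function names and the sample log lines are assumptions constructed for this illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed patterns written for this example; not the repository's extractor.py.
URL_RE = re.compile(r"https?://[^\s\"'<>\[\]]+", re.I)
IPV4_RE = re.compile(r"(?<![\w.])(?:\d{1,3}\.){3}\d{1,3}(?!\.?\d)")
DOMAIN_RE = re.compile(r"(?<![\w.-])(?:[a-z0-9-]{1,63}\.)+[a-z]{2,24}(?!\.?[\w@-])", re.I)
# \b on both sides stops a SHA256 from also being reported as an MD5 or SHA1 prefix.
HASH_RE = re.compile(r"\b(?:[a-f0-9]{64}|[a-f0-9]{40}|[a-f0-9]{32})\b", re.I)
HASH_NAMES = {32: "md5", 40: "sha1", 64: "sha256"}
# Hypothetical denylist: file names such as "dropper.exe" look like domains to a regex.
FILE_EXTS = {"exe", "dll", "log", "txt", "php", "bin", "tmp"}

# Constructed sample lines (documentation IP ranges, .example names, hashes of empty input).
SAMPLE_LOG = """\
2024-05-01T10:15:02Z fw deny src=203.0.113.45 dst=10.0.0.7 ver=1.2.3.4.5
2024-05-01T10:15:09Z proxy GET http://198.51.100.23/a/payload.bin from 10.0.0.7.
2024-05-01T10:16:44Z proxy GET https://login.bad-site.example/auth?u=1, 999.1.1.1
2024-05-01T10:17:01Z dns query cdn.evil.example. file=dropper.exe
2024-05-01T10:17:30Z av md5=d41d8cd98f00b204e9800998ecf8427e
2024-05-01T10:17:31Z av sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
"""

def valid_ipv4(candidate):
    # Reject dotted quads with an octet above 255, such as 999.1.1.1.
    return all(int(octet) <= 255 for octet in candidate.split("."))

def extract_iocs(text):
    """Return a dict mapping IOC type to a sorted, deduplicated list."""
    iocs = {k: set() for k in ("ipv4", "domain", "url", "md5", "sha1", "sha256")}
    for url in URL_RE.findall(text):
        url = url.rstrip(".,;)")  # drop sentence punctuation glued to the URL
        iocs["url"].add(url)
        host = urlsplit(url).hostname or ""
        if IPV4_RE.fullmatch(host) and valid_ipv4(host):
            iocs["ipv4"].add(host)
        elif DOMAIN_RE.fullmatch(host):
            iocs["domain"].add(host)
    rest = URL_RE.sub(" ", text)  # keep URL paths like /a/payload.bin out of the domain scan
    iocs["ipv4"].update(ip for ip in IPV4_RE.findall(rest) if valid_ipv4(ip))
    for dom in DOMAIN_RE.findall(rest):
        if dom.rsplit(".", 1)[1].lower() not in FILE_EXTS:
            iocs["domain"].add(dom.lower())
    for digest in HASH_RE.findall(text):
        iocs[HASH_NAMES[len(digest)]].add(digest.lower())
    return {kind: sorted(values) for kind, values in iocs.items()}

if __name__ == "__main__":
    for kind, values in extract_iocs(SAMPLE_LOG).items():
        print(f"{kind}: {', '.join(values) or '-'}")
```

A regex alone still accepts any dotted name whose last label is alphabetic, so checking that label against a real TLD list would cut false positives further than the short denylist used here.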

🧩 Bonus ideas

  • Save the IOCs to a file
  • Add CLI args with argparse

📚 Resources

🎉 Happy coding!

Thanks to the contributors:
