Skip to content
/ IOC-Splitter Public

A Python script to extract and categorize Indicators of Compromise (IOC) from a text file into separate files for IP addresses, domains, URLs, and hashes. Outputs a consolidated 'final.txt' with all extracted data in the specified order.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rodanmaharjan/IOC-Splitter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
README.md
README.md
 
 
ioc_splitter.py
ioc_splitter.py
 
 
test_ioc_splitter.py
test_ioc_splitter.py
 
 

Repository files navigation

⚡️ IOC-Splitter 🚀

Python Contributions License

IOC-Splitter is a Python script designed to easily extract and categorize Indicators of Compromise (IOCs) from text files. With this tool, you can split out IP addresses, domains, URLs, and hash values into separate files, and generate a clean, consolidated output file.

🛠 Features

  • 💡 Extract and categorize IOCs: Automatically separates IP addresses, domains, URLs, and hash values into individual files.
  • 📂 Organized output: Creates separate files for IPs, domains, URLs, and hashes.
  • 📝 Consolidated IOC file: Combines all extracted IOCs into a single file for easy use.
  • 🏃‍♂️ Simple and fast: No external libraries required — just Python and your input file.

🔧 Requisites

  • Python 3.x:
    Install from python.org.

  • Input File (input.txt):
    A text file that contains your IOCs, each on a new line (URLs, IPs, domains, hashes).

🚀 How to Use

  1. Clone the repository:

    git clone https://github.com/rodanmaharjan/IOC-Splitter.git
cd IOC-Splitter

  2. Prepare your input.txt:
    Add the IOCs to the input.txt file, with each IOC on a new line.

  3. Run the script:

    python3 ioc_splitter.py

  4. Check the output:
    The script will create the following output files:

    • ip.txt: Extracted IP addresses.
    • domain.txt: Extracted domains.
    • url.txt: Extracted URLs.
    • hash.txt: Extracted hash values.
    • final.txt: A consolidated file containing all the IOCs in order.

📂 Example

Input (input.txt):

8.8.8.8
example.com
https://malicious-url.com
deadbeefdeadbeefdeadbeefdeadbeef
1.1.1.1
anotherexample.org
http://phishing-site.com
cafebabe0000dead0000cafebabe0000

Output:

  • ip.txt:

    8.8.8.8
1.1.1.1

  • domain.txt:

    example.com
anotherexample.org

  • url.txt:

    https://malicious-url.com
http://phishing-site.com

  • hash.txt:

    deadbeefdeadbeefdeadbeefdeadbeef
cafebabe0000dead0000cafebabe0000

  • final.txt (combined file):

    8.8.8.8
1.1.1.1
example.com
anotherexample.org
https://malicious-url.com
http://phishing-site.com
deadbeefdeadbeefdeadbeefdeadbeef
cafebabe0000dead0000cafebabe0000

📦 Installation & Requirements

  • Python 3.x: Install from python.org.
  • No external libraries needed — uses built-in Python functions for regular expressions and file handling.

💡 Contributing

Contributions are welcome! Feel free to fork this project, open issues, or submit pull requests to enhance IOC-Splitter.

👨‍💻 Author

[Rodan Maharjan]
Check out more projects on GitHub.

🏁 Get Started

Ready to organize and manage your IOCs? Clone the repo and automate your IOC extraction process now!

About

A Python script to extract and categorize Indicators of Compromise (IOC) from a text file into separate files for IP addresses, domains, URLs, and hashes. Outputs a consolidated 'final.txt' with all extracted data in the specified order.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages