search

InQuest / iocextract

Defanged Indicator of Compromise (IOC) Extractor.
https://inquest.readthedocs.io/projects/iocextract/
GNU General Public License v2.0
498 stars 91 forks source link

Look in to adding \. defang detection #10

Closed rshipp closed 6 years ago

rshipp commented 6 years ago

Example: https://twitter.com/ClearskySec/status/1001833343581900800

c2: www.nubpubwizard.jetos\.com
c2: worktrs.wikaba\.com
Spoofs host header