Closed jllangley closed 1 year ago
Hi, @jllangley!
This is currently not planned as the primary focus is to extract IOCs without too much clutter in the output. However, we do have another project that does this exact thing: https://github.com/InQuest/ThreatIngestor
ThreatIngestor aggregates intelligence from various sources and utilizes the iocextract package to extract IOCs. After extraction, ThreatIngestor does actually assign the IOC type to each artifact when collecting the intelligence.
This is probably more of a feature request... Is there a way with the "extract_iocs" function to have it output the IOC Type next to the IOC?
I have a work around, but I have to call each function individually.