I recommend replacing decode() with decode(errors='replace') in the iocextract plugin, so that the any non-UTF8 data doesn't cause the decoding to fail. Other options include 'surrogateescape' or 'ignore'. The first add non-Unicode characters, and the second removes a character that could separate other strings.
I recommend replacing
decode()withdecode(errors='replace')in the iocextract plugin, so that the any non-UTF8 data doesn't cause the decoding to fail. Other options include 'surrogateescape' or 'ignore'. The first add non-Unicode characters, and the second removes a character that could separate other strings.https://github.com/PUNCH-Cyber/stoq-plugins-public/blob/8aaf3b97dc3972ca852d2a73a7899afa7394f9bb/iocextract/iocextract/iocextract.py#L136 https://github.com/PUNCH-Cyber/stoq-plugins-public/blob/8aaf3b97dc3972ca852d2a73a7899afa7394f9bb/iocextract/iocextract/iocextract.py#L140