# ioc-parser
> Extract indicators of compromise (IOCs) from PDF reports and text files

**Category:** [[categories/gather-and-analyze-data|Gather and Analyze Data]] | **Tier:** Rich (FOR610)
**Docs:** [https://docs.remnux.org/discover-the-tools/gather+and+analyze+data](https://docs.remnux.org/discover-the-tools/gather+and+analyze+data)

## Usage
```bash
ioc_parser <report.pdf>
```

## Related Tools
- [[tools/dexray|dexray]] — Extract and decode data from antivirus quarantine files.
- [[tools/dissect|dissect]] — Perform a variety of forensics and incident response tasks u
- [[tools/dnslib|dnslib]] — Python library to encode/decode DNS wire-format packets.
- [[tools/ipwhois|ipwhois]] — Retrieve and parse whois data for IP addresses.
- [[tools/malwoverview|malwoverview]] — Query VirusTotal, Hybrid Analysis, and MalwareBazaar for mal

#ioc #extraction #threat-intel