Automic VaultAutomic Vault

brew

iocextract mit Homebrew, Nix installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für iocextract in AI-Agent-Workflows.

Installation

Weitere Installationsbefehle

macOS

Homebrewverifiziert · 100%
brew install iocextract

local Homebrew formula metadata

Überblick

Paketzusammenfassung

Defanged indicator of compromise extractor

Befehle und Aliase

  • iocextract

Verlauf

Projektgeschichte und Nutzung

iocextract is an InQuest Python library and CLI for extracting indicators of compromise from text, including deliberately defanged URLs, IP addresses, email addresses, hashes, and YARA rules. It sits in the security-automation niche where analysts need to turn threat reports, tweets, notes, and pasted text into machine-readable observables.

Projektgeschichte

The project documentation frames iocextract around a specific analyst problem: simple regular expressions miss indicators that have been defanged to avoid accidental clicks or live requests. iocextract combines custom regexes and post-processing so those strings can be detected and optionally refanged.

The GitHub release history shows continuing feature and bug-fix releases, including work around URL/IP extraction and CLI input sources. The documentation links the repository, PyPI package, issue tracker, and changelog, which is typical of a Python security utility distributed both as a library and as an executable command.

Adoptionsgeschichte

The docs list InQuest and PacketTotal as users and point analysts who need automation beyond extraction toward InQuest's ThreatIngestor. The Homebrew and Nix packaging in the input facts show the tool leaving Python-only workflows and becoming available as a command-line package.

Wie es verwendet wird

iocextract can be used as a Python iterator-based library or as the `iocextract` command. The CLI reads from standard input or files, extracts selected IOC classes, supports custom regex files, and can refang supported URLs, emails, and IPv4 addresses when an analyst wants normalized output.

Warum Paket-Nerds sich dafür interessieren

The package is significant because it encodes a practical security convention: dangerous observables are often intentionally mangled before publication. A package manager shipping iocextract gives shell pipelines and incident-response scripts a reusable way to reverse that convention without every analyst copying fragile regexes.

Zeitleiste

  • 2018: Public PyPI releases establish iocextract as an installable Python IOC extractor.
  • 2019-2023: InQuest-hosted documentation presents the library, CLI, related projects, and users.
  • 2023: v1.16.x releases add CLI extraction from remote data sources and fix URL/IP extraction behavior.
  • Package-manager era: Homebrew and Nix provide package installs for the `iocextract` executable.

Related projects

  • ThreatIngestor is the InQuest project suggested for automated IOC extraction, enrichment, and export workflows.
  • Cacador, ioc-extractor, and Cyobstract are listed by the docs as similar IOC extraction projects.
  • plyara is called out for users working with YARA rules.

Sicherheitslage

Noch keine Protected-Tool-Abdeckung gefunden

Für iocextract wurde kein passendes lokales Secret-Handling-Manifest gefunden. Nucleus-Paketmetadaten bleiben hier veröffentlicht, damit künftige Abdeckung eine stabile Paket-URL hat.

Installationsverhalten

  • In den Formelmetadaten ist kein Homebrew-Post-install-Hook erfasst.
  • Homebrew-Bottle-Metadaten sind für 6 Plattformziele verfügbar.
  • Installiert mit 2 Laufzeitabhängigkeiten.

Empfohlene Prüfung

Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.

Executables

Installierte Executables

BefehlArtSichtbarkeitHinweis
iocextractcliglobales Executable

Aktualität

Version und Aktualität

Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.

Seite generiert2026-07-08
Manager-Version1.16.1
Manager aktualisiert2026-05-21
lokale DatenOK
Upstreamnot checked
neueste erkannte Versionnicht erkannt

https://inquest.readthedocs.io/projects/iocextract/en/latest/

Installationsmetadaten

Paketmetadaten

Paketschlüsselbrew:iocextract
Version1.16.1
PaketmanagerHomebrew
Paketmanager-Seitehttps://formulae.brew.sh/formula/iocextract
Homepagehttps://inquest.readthedocs.io/projects/iocextract/en/latest/
Repositoryhttps://github.com/InQuest/iocextract
Upstream-Dokumentationhttps://inquest.readthedocs.io/projects/iocextract/en/latest
LizenzGPL-2.0-only
Quellarchivhttps://files.pythonhosted.org/packages/ad/4b/19934df6cd6a0f6923aabae391a67b630fdd03c12c1226377c99a747a4f1/iocextract-1.16.1.tar.gz
Zuletzt aktualisiert2026-05-21T12:53:41Z
Pulseupdated
Abhängigkeitencertifi, python@3.14
Bottleverfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnicht definiert
Dienstkeiner deklariert

Registry-Fakten

Details aus der Quelldatenbank

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameiocextract
Version Scheme0
Revision13
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

Source-Datenbank-Treffer

Andere Paketmanager-Einträge

Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.

Nix95%

iocextract

nix profile install nixpkgs#iocextract
  • normalized package name match
  • Abgeglichen nach: Iocextract
nixpkgs package indexes · raw.githubusercontent.com · nixpkgs package indexes: iocextract from https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/all-packages.nix

Quellspur

Aus Repository-Daten generiert

Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.

Verwendete Quellen

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment