# iocextract mit Homebrew, Nix installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für iocextract in AI-Agent-Workflows.

## Installation

```sh
sudo av install brew:iocextract
```

Weitere Installationsbefehle:

### macOS

- Homebrew (100%):

```sh
brew install iocextract
```

  Evidenz: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#iocextract
```

  Evidenz: nixpkgs package indexes: iocextract from https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/all-packages.nix

## Paketfakten

- **Paketschlüssel:** brew:iocextract
- **Paketmanager:** Homebrew
- **Paketmanager-Seite:** <https://formulae.brew.sh/formula/iocextract>
- **Version:** 1.16.1
- **Quellzusammenfassung:** Defanged indicator of compromise extractor
- **Homepage:** <https://inquest.readthedocs.io/projects/iocextract/en/latest/>
- **Repository:** <https://github.com/InQuest/iocextract>
- **Upstream-Dokumentation:** <https://inquest.readthedocs.io/projects/iocextract/en/latest>
- **Lizenz:** GPL-2.0-only
- **Quellarchiv:** <https://files.pythonhosted.org/packages/ad/4b/19934df6cd6a0f6923aabae391a67b630fdd03c12c1226377c99a747a4f1/iocextract-1.16.1.tar.gz>
- **Zuletzt aktualisiert:** 2026-05-21T12:53:41Z
- **Generiert:** 2026-07-08T18:08:21+00:00

## Executables

- iocextract (cli)
- iocextract (Alias)

## Abhängigkeiten

- certifi
- python@3.14

## Installationsverhalten

- Post-install-Hook: nicht definiert
- Bottle: verfügbar auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Version und Aktualität

- Seite generiert: 2026-07-08
- Manager-Version: 1.16.1
- Manager aktualisiert: 2026-05-21
- lokale Daten: OK
- Upstream-Repository: https://inquest.readthedocs.io/projects/iocextract/en/latest/
- Info: Release/tag comparison is only available for GitHub repositories.
## Projektgeschichte und Nutzung

iocextract is an InQuest Python library and CLI for extracting indicators of compromise from text, including deliberately defanged URLs, IP addresses, email addresses, hashes, and YARA rules. It sits in the security-automation niche where analysts need to turn threat reports, tweets, notes, and pasted text into machine-readable observables.

### Projektgeschichte

The project documentation frames iocextract around a specific analyst problem: simple regular expressions miss indicators that have been defanged to avoid accidental clicks or live requests. iocextract combines custom regexes and post-processing so those strings can be detected and optionally refanged.

The GitHub release history shows continuing feature and bug-fix releases, including work around URL/IP extraction and CLI input sources. The documentation links the repository, PyPI package, issue tracker, and changelog, which is typical of a Python security utility distributed both as a library and as an executable command.

### Adoptionsgeschichte

The docs list InQuest and PacketTotal as users and point analysts who need automation beyond extraction toward InQuest's ThreatIngestor. The Homebrew and Nix packaging in the input facts show the tool leaving Python-only workflows and becoming available as a command-line package.

### Wie es verwendet wird

iocextract can be used as a Python iterator-based library or as the `iocextract` command. The CLI reads from standard input or files, extracts selected IOC classes, supports custom regex files, and can refang supported URLs, emails, and IPv4 addresses when an analyst wants normalized output.

### Warum Paket-Nerds sich dafür interessieren

The package is significant because it encodes a practical security convention: dangerous observables are often intentionally mangled before publication. A package manager shipping iocextract gives shell pipelines and incident-response scripts a reusable way to reverse that convention without every analyst copying fragile regexes.

### Zeitleiste

- 2018: Public PyPI releases establish iocextract as an installable Python IOC extractor.
- 2019-2023: InQuest-hosted documentation presents the library, CLI, related projects, and users.
- 2023: v1.16.x releases add CLI extraction from remote data sources and fix URL/IP extraction behavior.
- Package-manager era: Homebrew and Nix provide package installs for the `iocextract` executable.

### Related projects

- ThreatIngestor is the InQuest project suggested for automated IOC extraction, enrichment, and export workflows.
- Cacador, ioc-extractor, and Cyobstract are listed by the docs as similar IOC extraction projects.
- plyara is called out for users working with YARA rules.

### Quellen

- <https://formulae.brew.sh/formula/iocextract>
- <https://github.com/InQuest/iocextract>
- <https://github.com/InQuest/iocextract/releases>
- <https://inquest.readthedocs.io/projects/iocextract/en/latest/>
- <https://pypi.org/project/iocextract/>


## Sicherheitshinweise

Für iocextract wurde kein passendes lokales Secret-Handling-Manifest gefunden. Nucleus-Paketmetadaten bleiben hier veröffentlicht, damit künftige Abdeckung eine stabile Paket-URL hat.


## Details aus der Quelldatenbank

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** iocextract
- **Version Scheme:** 0
- **Revision:** 13
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Andere Paketmanager-Einträge

- Nix - iocextract: normalized package name match | nixpkgs package indexes: iocextract from https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/all-packages.nix


## Verwandte Links

- [Terminal utility packages](https://www.automicvault.com/de/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/de/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/de/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [Homebrew utility packages](https://www.automicvault.com/de/pkg/brew-utility-packages/) - Matched Homebrew package provider.
- [python@3.14](https://www.automicvault.com/de/pkg/brew/python-3-14/) - Runtime dependency declared by Homebrew.
- [dnstwist](https://www.automicvault.com/de/pkg/brew/dnstwist/) - Shares av.db curated category or tags: cli, security, threat-intelligence.
- [virustotal-cli](https://www.automicvault.com/de/pkg/brew/virustotal-cli/) - Shares av.db curated category or tags: cli, security, threat-intelligence.
- [aide](https://www.automicvault.com/de/pkg/brew/aide/) - Shares av.db curated category or tags: cli, security.
- [aircrack-ng](https://www.automicvault.com/de/pkg/brew/aircrack-ng/) - Shares av.db curated category or tags: cli, security.
- [amass](https://www.automicvault.com/de/pkg/brew/amass/) - Shares av.db curated category or tags: cli, security.
- [anubis](https://www.automicvault.com/de/pkg/brew/anubis/) - Shares av.db curated category or tags: cli, security.
- [authoscope](https://www.automicvault.com/de/pkg/brew/authoscope/) - Shares av.db curated category or tags: cli, security.
- [azurehound](https://www.automicvault.com/de/pkg/brew/azurehound/) - Shares av.db curated category or tags: cli, security.
- [shodan](https://www.automicvault.com/de/pkg/brew/shodan/) - Both packages touch the same language runtime or ecosystem. Shared terms: certifi, cli, intelligence, python, python-3-14.
- [bbot](https://www.automicvault.com/de/pkg/brew/bbot/) - Both packages touch the same language runtime or ecosystem. Shared terms: certifi, cli, python, python-3-14, security.

## Combined YAML source

View the package source record on GitHub. [combined/iocextract.yml](https://github.com/automic-vault/db/blob/main/combined/iocextract.yml)


## Quellen

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
