Skip to main content
All CollectionsTemplatesBasic
Group IoCs From Text Input - Workflow Template
Group IoCs From Text Input - Workflow Template

This function takes a text and returns groups of hashes, URLs, domains and IP addresses

Updated over 6 months ago

This workflow template, "Group IoCs From Text Input," enables organizations to streamline their cybersecurity processes by analyzing and categorizing various indicators of compromise (IoCs) from a text input. It accurately extracts and groups different IoCs, like MD5, SHA1, SHA256 hashes, URLs, domains, and both IPv4 and IPv6 addresses, ensuring that each list is free of duplicate entries. Ideal for Threat Intelligence Enrichment, this workflow aids in identifying potential security threats, enabling quick and efficient response to cyber incidents.

Take Me to the Template

Use Cases

Example, Threat Intelligence Enrichment

Workflow Breakdown

  1. Takes any text, can be a list of IoCs or any website that you need to crawl and extract IoCs

  2. Extracts MD5, SHA1, SHA256, URLs, Domaiins, IPv4 and IPv6 adresses

  3. Makes sure all the items in each list is unique

Vendors

Utils

Workflow Output

Count and list of the founded items

Tips

Look for fresh IoCs parsing known phishing sites or research sites.","Group by item a random list of IoCs

Related Articles
VirusTotal IOC Lookup with Summary of Results from OpenAI - Workflow Template
Upload New Threat Intelligence IOCs to Cybereason - Workflow Template
Jira Enrichment for Hashes Found in Issue Description - Workflow Template
Enrich Hashes, CVEs and IP Addresses with Recorded Future - Workflow Template
Extract Multiple Observables - Workflow Template
Did this answer your question?