Skip to main content
All CollectionsTemplatesBasic
Group IoCs From Text Input - Workflow Template
Group IoCs From Text Input - Workflow Template

This function takes a text and returns groups of hashes, URLs, domains and IP addresses

Updated over 6 months ago

This workflow template, "Group IoCs From Text Input," enables organizations to streamline their cybersecurity processes by analyzing and categorizing various indicators of compromise (IoCs) from a text input. It accurately extracts and groups different IoCs, like MD5, SHA1, SHA256 hashes, URLs, domains, and both IPv4 and IPv6 addresses, ensuring that each list is free of duplicate entries. Ideal for Threat Intelligence Enrichment, this workflow aids in identifying potential security threats, enabling quick and efficient response to cyber incidents.

Use Cases

Example, Threat Intelligence Enrichment

Workflow Breakdown

  1. Takes any text, can be a list of IoCs or any website that you need to crawl and extract IoCs

  2. Extracts MD5, SHA1, SHA256, URLs, Domaiins, IPv4 and IPv6 adresses

  3. Makes sure all the items in each list is unique

Vendors

Utils

Workflow Output

Count and list of the founded items

Tips

Look for fresh IoCs parsing known phishing sites or research sites.","Group by item a random list of IoCs

Did this answer your question?