Python Iocextract Versions Save

• NEW!: Overhaul YARA extraction, with support for imports, includes, comments, scopes, and more.
• Reduce false positives from URL extraction (#29 from @JayFields).

• Add --extract-ipv4s and --extract-ipv6s flags to the CLI.

• NEW!: Add support for new URL defangs, including http:__ and http:\\.
• Fix a number of URL extraction issues (#6), reducing false positives and drastically improving existing results.
• Refactor regex for clarity and to allow easier maintenance.

• NEW!: Add several new defang methods to email extraction/refang (#22).

Check the documentation for more details.

• NEW!: Add support for extracting IOCs using custom regex files (#21).

See the custom regex and extract_custom_iocs function sections of the iocextract documentation for more information.

• NEW!: Add support for detecting and decoding base64-encoded URLs.

• Allow detecting/refanging emails with one optional space on either side of the @ symbol.

• Lower the chance of modifying valid non-defanged URLs when refanging paths (#15 from @mokarimi).

• NEW!: Add support for defanged emails (#15 from @mokarimi).
• NEW!: Add support for refanging paths (like http://example.com/path[.]html) in URLs (#15 from @mokarimi).

• NEW!: Add defang function for defanging URLs, IPv4 addresses, and domains.
• Improved regex to remove common Unicode punctuation from the end of extracted URLs.