~/tools/ioc

IOC parser & defanger

Pull indicators of compromise out of pasted text — IPs, domains, URLs, emails, hashes — and defang them for safe sharing. Runs entirely in your browser.

defanging rewrites indicators so they aren't clickable or auto-linked — http becomes hxxp and dots become [.]. It's the convention for sharing malicious indicators in tickets, chat, and reports without anyone accidentally visiting them.

Extraction is regex-based and deliberately conservative. Verify anything before you act on it, and never navigate to an extracted URL outside a controlled environment.

← ~/tools