~/tools/ioc
IOC parser & defanger
Pull indicators of compromise out of pasted text — IPs, domains, URLs, emails, hashes — and defang them for safe sharing. Runs entirely in your browser.
No indicators found in that text.
defanging rewrites indicators so they aren't
clickable or auto-linked — http becomes
hxxp and dots become
[.]. It's the convention for sharing malicious
indicators in tickets, chat, and reports without anyone accidentally visiting them.
Extraction is regex-based and deliberately conservative. Verify anything before you act on it, and never navigate to an extracted URL outside a controlled environment.