Skills
.Work. You
Rest

ioc-extraction

Community

Extract, classify, and map IOCs

Software Engineering#security#extraction#threat intelligence#forensics#ioc#stix
Authorrobit-man
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill automates the extraction, classification, and deduplication of Indicators of Compromise (IOCs) from various investigation artifacts, ensuring consistent and actionable threat intelligence.

Core Features & Use Cases

  • Comprehensive Extraction: Identifies and extracts IP addresses, domain names, file hashes, URLs, email addresses, file paths, and registry keys.
  • Intelligent Classification & Deduplication: Automatically classifies IOCs by type and removes duplicates, reducing noise.
  • STIX 2.1 Mapping: Generates STIX 2.1 observable bundles for seamless integration with threat intelligence platforms and SIEMs.
  • Use Case: Automatically scan log files and forensic reports to build a clean, categorized list of malicious IPs and domains for your security monitoring tools.

Quick Start

Extract all IOCs from the directory '/var/log/auth.log'.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: ioc-extraction
Download link: https://github.com/robit-man/transcribe-cli/archive/main.zip#ioc-extraction

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.