Threat intelligence tool

IOC Extractor

Automatically extract Indicators of Compromise from logs, reports, and threat intelligence text. Finds IPs, URLs, domains, emails, and file hashes in seconds.

Local processingIPv4 · IPv6 · URLsMD5 · SHA-1 · SHA-256 · SHA-512.txt file support

Privacy first

All extraction runs locally in your browser using regex matching. Your logs and reports are never uploaded or sent to any server.

Input

Paste text or upload a file.

or drag and drop above — max 50 MB

IOC types

What to extract.

Results

Extracted indicators.

Results will appear here after extraction.

Domain results automatically exclude hostnames already captured as part of a URL. Hash detection uses fixed-length matching: MD5 = 32, SHA-1 = 40, SHA-256 = 64, SHA-512 = 128 hex chars.

Related Tools

IP / URL / Email Extractor — Bulk Extraction

Extract IPs, URLs, and email addresses from large text blocks with deduplication support.

Log Redactor — Redact Sensitive Data from Logs

Automatically redact IPs, emails, tokens, API keys, JWTs, and secrets from log files.