IOC Refiner – Intelligent Indicator Extraction
This tool automatically scans "raw" text — emails, logs, reports — and extracts key Indicators of Compromise (IOCs). Ideal for rapid data preparation prior to analysis or reporting.
Instant Extract
Safe Defang
One-Click Copy
Log Friendly
Recognizes IP addresses (IPv4), domains, emails, and hashes (MD5/SHA-256)
Automatically removes duplicates — clean, unique results
DEFANG ALL button: converts
evil.com → evil[.]com for safe reportingClick on any IOC to copy it to the clipboard
Tip: Paste an entire email header or a syslog line — the tool will find the hidden indicators.
Input Raw Data
Refined Results
Waiting for extraction...