Silvia Sebastián
IOC Searcher
Python tool to extract indicators of compromise (IOCs), also known as cyber observables, from HTML, PDF, and text files. It can identify both defanged (e.g., URL hxxp://example[DOT]com) and unmodified IOCs (e.g., URL http://example.com).
Retriever
A cross-platform and cross-market attribution framework to identify developer accounts in mobile markets that belong to the same operation. The approach automatically applies OSINT expansions to build an attribution graph that captures the indicators and how they were discovered, preserving the chain of inferences. Retriever finds more accounts than AV vendors (which use conventional methods) in 94% of the cases.