IR_Tools – Incident response tool that searches files for IOCs of different formats (Email, Phone, IP)
IR_Tools is a simple tool that helps you search for IOCs in a file or binary.
* It lets you search for an e-mail address, URL, phone number or username in a text/configuration file, or even in a binary file (by searching its strings).
Implemented so far:
* Search for e-mail addresses in a file
* Search for phone numbers in a file (US phone numbers)
* Search for IPs in a file (IPv4)
* Search for URLs in a file

TO DO:
* Search for French phone numbers with extension
* Search for IPv6
* Add new search types
* Run strings on a file and then search with the regex (for example, search for hard-coded IPs or URLs in a binary)
+ getopt – Command line option parsing Python module
Usage and Download from git:
git clone https://github.com/NaykiSec/IR_Tools && cd IR_Tools
pip install getopt
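
The strings-then-regex search listed under TO DO, sketched as an added example (not code from the IR_Tools repository). The regular expressions, function names and sample bytes are assumptions constructed for illustration:

```python
import ipaddress
import re

# Runs of 4 or more printable ASCII bytes, similar to the default of the Unix strings tool.
STRINGS_RE = re.compile(rb"[\x20-\x7e]{4,}")

# Illustrative patterns (assumptions, not IR_Tools' own regexes).
PATTERNS = {
    "email": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "url": re.compile(r"https?://[^\s\"'<>]+"),
    "ipv4": re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])"),
    "us_phone": re.compile(r"(?<!\d)(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]\d{3}[ .-]\d{4}(?!\d)"),
}

def extract_strings(data: bytes):
    """Yield printable strings found in raw bytes (text or binary)."""
    for m in STRINGS_RE.finditer(data):
        yield m.group().decode("ascii")

def valid_ipv4(candidate: str) -> bool:
    """Reject regex hits whose octets are out of range, e.g. 999.10.10.10."""
    try:
        ipaddress.IPv4Address(candidate)
        return True
    except ValueError:
        return False

def find_iocs(data: bytes) -> dict:
    """Return {ioc_type: sorted unique matches} for every string in data."""
    found = {name: set() for name in PATTERNS}
    for s in extract_strings(data):
        for name, rx in PATTERNS.items():
            for hit in rx.findall(s):
                if name == "ipv4" and not valid_ipv4(hit):
                    continue
                found[name].add(hit)
    return {name: sorted(hits) for name, hits in found.items()}

# Constructed sample: binary padding around hard-coded indicators.
SAMPLE = (b"\x7fELF\x00\x01\x02" + b"connect http://c2.example.test/gate.php\x00"
          + b"\xff\xfe192.0.2.44\x00\x00bogus 999.10.10.10\x00"
          + b"\x01\x02admin@example.test\x00\x90\x90call (555) 010-0199\x00")

if __name__ == "__main__":
    for kind, hits in find_iocs(SAMPLE).items():
        print(kind, hits)
```

Validating IPv4 hits with `ipaddress` drops out-of-range matches such as `999.10.10.10`, which a bare dotted-quad regex would report as an indicator.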