MalwareCube/Email-IOC-Extractor external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

MalwareCube/Email-IOC-Extractor

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/MalwareCube/Email-IOC-Extractor)

Close

MalwareCube / Email-IOC-ExtractorView on GitHubMore

• External links
• Readme badge

A Python script for extracting IP addresses, URLs, headers, and attachments from .eml files. Additional functionalities include defanging IPs and URLs, performing IP lookups, and attachment metadata extraction.

☆44Oct 10, 2024Updated last year

Alternatives and similar repositories for Email-IOC-Extractor

Users that are interested in Email-IOC-Extractor are comparing it to the libraries listed below

• digitalsleuth / forensics_tools

  View on GitHub
  Various short scripts and tools used for Digital Forensics
  ☆14Apr 13, 2025Updated 11 months ago
• NextronSystems / velociraptor-artifacts-thor

  View on GitHub
  Thor Artifacts for Velociraptor
  ☆19Dec 2, 2025Updated 3 months ago
• CERT-EDF / generaptor

  View on GitHub
  CLI generator for Velociraptor offline collector
  ☆16Mar 6, 2026Updated 2 weeks ago
• Velocidex / registry_hunter

  View on GitHub
  Hunt the windows Registry automatically using VQL
  ☆14Jan 6, 2026Updated 2 months ago
• The-DFIR-Report / DFIR-Artifacts

  View on GitHub
  Repository for sharing examples of our artifacts data and for use in new analyst recruitment.
  ☆110Apr 22, 2025Updated 11 months ago
• MalwareCube / SOC101_challenges

  View on GitHub
  https://academy.tcm-sec.com/
  ☆14Aug 19, 2025Updated 7 months ago
• Velocidex / cloudvelo

  View on GitHub
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Dec 2, 2025Updated 3 months ago
• tomwechsler / Network_analysis_with_Wireshark

  View on GitHub
  Network analysis with Wireshark, is the topic in this repo!
  ☆14May 6, 2023Updated 2 years ago
• kacos2000 / Prefetch-Browser

  View on GitHub
  Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
  ☆64Dec 18, 2024Updated last year
• cocomelonc / offzone-2024-malware-persistence-workshop

  View on GitHub
  OFFZONE 2024 Malware Persistence workshop
  ☆22Dec 18, 2024Updated last year
• dbissell6 / DFIR

  View on GitHub
  This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools.
  ☆109Updated this week
• gotr00t0day / vulnparams

  View on GitHub
  crawl a website for links and expose all the vulnerable parameters.
  ☆14Oct 2, 2022Updated 3 years ago
• luduslibrum / awesome-playbooks

  View on GitHub
  A curated repository of incident response playbooks
  ☆120Jul 17, 2023Updated 2 years ago
• lodetomasi / ai-detects-if-cve-was-zero-day

  View on GitHub
  Multi-agent AI system using GPT-4o, DeepSeek v3, and Llama 3.3 to detect if CVE vulnerabilities were exploited as zero-days. Analyzes…
  ☆20Feb 13, 2026Updated last month
• mertdas / ValleyTerminator

  View on GitHub
  Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver
  ☆33Sep 15, 2025Updated 6 months ago
• dwmetz / PSHero

  View on GitHub
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆37Jul 11, 2023Updated 2 years ago
• dfir-ronin / APT-OpenIOC-Detection-Rules

  View on GitHub
  This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…
  ☆26Oct 3, 2023Updated 2 years ago
• osirislab / CSAW-CTF-2024-Quals

  View on GitHub
  Public Archive for CSAW 2024 Quals
  ☆11Sep 19, 2024Updated last year
• blackhatethicalhacking / RedTeaming-Tactics-and-Techniques

  View on GitHub
  Red Teaming Tactics and Techniques
  ☆13Feb 10, 2022Updated 4 years ago
• gotr00t0day / fsociety

  View on GitHub
  fsociety Hacking Tools Pack – A Penetration Testing Framework
  ☆14Aug 8, 2024Updated last year
• DanielBradley1 / Microsoft-Graph-PowerShell

  View on GitHub
  ☆23Mar 21, 2024Updated 2 years ago
• JoasASantos / Malware-Analysis-Exercises

  View on GitHub
  ☆42Dec 24, 2024Updated last year
• ml58158 / Demystifying-KQL

  View on GitHub
  Content Repo for Demystifying KQL Tutorial Series
  ☆73Sep 1, 2024Updated last year
• K3ysTr0K3R / DroidSniper

  View on GitHub
  DroidSniper - Misconfigured Android Debug Bridge Scanner
  ☆14Mar 26, 2024Updated last year
• stuxnet999 / volatility-binaries

  View on GitHub
  Contains compiled binaries of Volatility
  ☆36May 18, 2025Updated 10 months ago
• mthcht / ThreatHunting-Keywords-sigma-rules

  View on GitHub
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆58Mar 2, 2025Updated last year
• empyr3an / Reconis

  View on GitHub
  A tool for automating network enumeration and reconnaissance
  ☆18Jan 20, 2025Updated last year
• daniellowrie / Security-Research-Blogs

  View on GitHub
  A list of the best cybersecurity research related blogs.
  ☆33May 26, 2025Updated 9 months ago
• vobst / BPFVol3

  View on GitHub
  Linux BPF plugins for Volatility3
  ☆23Jan 19, 2024Updated 2 years ago
• KostasKoutrou / KQL

  View on GitHub
  KQL Queries for Advanced Hunting / Log Analytics
  ☆13Jan 29, 2026Updated last month
• 6mile / DEFCON33-Workshop

  View on GitHub
  DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)
  ☆15Aug 8, 2025Updated 7 months ago
• gotr00t0day / DDOS-RootSec

  View on GitHub
  Explore RootSec's DDOS Archive, featuring top-tier scanners, powerful botnets (Mirai & QBot) and other variants, high-impact exploits, ad…
  ☆15Aug 22, 2024Updated last year
• kh4sh3i / Application-Security-Interview-Questions

  View on GitHub
  Here are some common interview questions for an application security position you can review for your own interview, along with example a…
  ☆31Apr 17, 2022Updated 3 years ago
• cod3nym / Ghosting-AMSI

  View on GitHub
  Ghosting-AMSI
  ☆18Apr 30, 2025Updated 10 months ago
• wdahlenburg / canary

  View on GitHub
  CLI tool written in Go to generate Canary Tokens from https://canarytokens.org
  ☆13Aug 22, 2025Updated 7 months ago
• ridgebackinfosec / cerno

  View on GitHub
  This tool provides an interactive TUI for reviewing Nessus finding exports, running security tools (nmap, netexec, metasploit), and track…
  ☆65Feb 5, 2026Updated last month
• praetorian-inc / swarmer

  View on GitHub
  A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
  ☆107Jan 26, 2026Updated last month
• struppigel / hedgehog-tools

  View on GitHub
  ☆127Mar 7, 2026Updated 2 weeks ago
• dfir-scripts / EverReady-Disk-Mount

  View on GitHub
  Disk Image Mounting Script
  ☆11Jan 22, 2026Updated 2 months ago