Defangs and refangs malicious IOCs
Download the latest release from https://github.com/jakewarren/defang/releases/latest
go get github.com/jakewarren/defang/...
defang accepts input from STDIN, a string argument, or a file argument
❯ echo -e "malware.evil.com\napp.malicious.com" | defang
malware.evil[.]com
app.malicious[.]com
❯ defang "malware.evil.com"
malware.evil[.]com
❯ defang /tmp/urls.txt
app.malicious[.]com
❯ defang --refang "hXXp://evil.example[.]com/malicious.php"
http://evil.example.com/malicious.php
import (
"fmt"
"github.com/jakewarren/defang"
)
func main() {
u, _ := defang.URL("https://malware.evil.com")
fmt.Println(u)
// Output: hxxps://malware.evil[.]com
u, _ = defang.URLWithMask("https://malware.evil.com", defang.Meow)
fmt.Println(u)
// Output: meows://malware.evil[.]com
defangedIP, _ := defang.IPv4("8.8.8.8")
fmt.Println(defangedIP)
// Output: 8.8.8[.]8
}
All notable changes to this project will be documented in the changelog.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
MIT © 2018 Jake Warren