IOChaser

Extract, normalize, and analyze IOCs from the current webpage

Stop copying IOCs manually. IOChaser is a browser extension built for SOC analysts, threat hunters, and security professionals to extract, analyze, and investigate Indicators of Compromise (IOCs) directly from any webpage — without breaking your workflow. ──────────────────────────────────────────────────────────────────────────────────── ❌ The Problem ❌ Analysts constantly deal with IOCs in threat reports, phishing pages, alerts, and blog posts. Typical workflow: 1. Copy an IOC 2. Refang it manually 3. Open multiple tabs (VirusTotal, AbuseIPDB, etc.) 4. Repeat for every indicator This process is SLOW, repetitive, and error-prone. ──────────────────────────────────────────────────────────────────────────────────── ✅ The Solution ✅ IOChaser eliminates manual work by turning any webpage into an investigation-ready view. With one click, it extracts all visible IOCs, organizes them, and lets you investigate them instantly. ──────────────────────────────────────────────────────────────────────────────────── What IOChaser Detects • IP addresses • Domains • URLs (including defanged formats) • Email addresses • File hashes (MD5, SHA1, SHA256) ──────────────────────────────────────────────────────────────────────────────────── Real Analyst Workflow IOChaser is designed around how analysts actually work: 1. Extract all IOCs from the current page 2. Review grouped results by type 3. Filter and focus on relevant indicators 4. Run quick reputation checks 5. Select the indicators that matter 6. Generate a structured enrichment summary 7. Pivot to external tools when deeper analysis is required ──────────────────────────────────────────────────────────────────────────────────── Key Features: 🔍 Automatic IOC Extraction Detect and group IOCs instantly from any webpage, including defanged indicators. ⚡ Quick Scan & Instant Verdicts Get immediate insights such as malicious, suspicious, or clean indicators directly in the extension. 🧠 Enrichment Summary View structured threat intelligence in one place, including: • VirusTotal verdicts • AbuseIPDB reputation and reports • ASN, country, and contextual data 🎯 Analyst-Focused Workflow Select, filter, and investigate IOCs efficiently without leaving your browser. 🌐 Threat Intelligence Integrations Quickly pivot into: • VirusTotal • AbuseIPDB • Shodan • Censys • GreyNoise • and other investigation platforms 📋 One-Click Copy & Export Copy selected IOCs safely in a consistent format for reporting or response. ⚙️ Customizable Tool Selection Choose which tools are used per IOC type based on your workflow. 🔐 Privacy First API keys are stored locally in your browser. No data is sent externally unless you explicitly trigger a lookup. ──────────────────────────────────────────────────────────────────────────────────── Use Cases IOChaser is ideal for: • SOC analysts performing alert triage • Threat hunters investigating suspicious activity • Incident responders analyzing compromised indicators • DFIR practitioners reviewing evidence • Security researchers analyzing threat reports ──────────────────────────────────────────────────────────────────────────────────── Why IOChaser? Unlike generic IOC extractors, IOChaser is designed for real-world investigations. It focuses on: • speed • accuracy • workflow efficiency • actionable intelligence so you can move faster from detection to investigation.