TOOL

IOC Fang/Defang

Convert indicators of compromise (IOCs) between safe and unsafe formats for cybersecurity analysis

Security IOC Cybersecurity

PRIVACY FIRST · RUNS IN YOUR BROWSER

Input IOCs

0 IOCs detected

Processed IOCs

0 IOCs processed

Actions

IOC Statistics

0

URLs

0

Domains

0

IP Addresses

0

Emails

HOW TO USE

Instructions

This IOC Fang/Defang tool helps cybersecurity professionals safely handle indicators of compromise:

🛡️ Defanging (Safe Mode)

http://evil.com → hxxp://evil[.]com
192.168.1.1 → 192[.]168[.]1[.]1
user@evil.com → user[@]evil[.]com
https://malware.exe → hxxps://malware[.]exe

⚠️ Fanging (Active Mode)

hxxp://evil[.]com → http://evil.com
192[.]168[.]1[.]1 → 192.168.1.1
user[@]evil[.]com → user@evil.com
hxxps://malware[.]exe → https://malware.exe

⚠️ Security Warning

Be extremely careful when fanging IOCs. Fanged IOCs become active and can be dangerous. Only fang IOCs in isolated, secure environments for analysis purposes.

Privacy: All processing happens locally in your browser. No IOCs are sent to any server.

KEYBOARD

Shortcuts

Defang IOCs Ctrl + D

Fang IOCs Ctrl + F

Extract IOCs Ctrl + E

Copy Output Ctrl + C