sebdraven/ioc_parser

ioc-parser

IOC Parser is a tool to extract indicators of compromise from security reports in PDF format. A good collection of APT-related reports with many IOCs can be found here: APTNotes. It is now compatible with Python 3.

Usage

iocp.py [-h] [-p INI] [-i FORMAT] [-o FORMAT] [-O path] [-d] [-l LIB] -path path

  • -p INI Pattern file
  • -i FORMAT Input format (pdf/txt/html)
  • -o FORMAT Output format (csv/json/yara)
  • -O path path to record results
  • -d Deduplicate matches
  • -l LIB Parsing library
  • -path path URL or path of the file

You can pipe the output of CasperJS into it like this:

casperjs ioc_casper.js | iocp.py [-p INI] [-i FORMAT] [-o FORMAT] [-O path] [-d] [-l LIB]

Requirements

One of the following PDF parsing libraries:

For HTML parsing support:

For HTTP(S) support:

About

Tool to extract indicators of compromise from security reports in PDF, HTML, Web, Text format

Languages

  • Python 99.2%
  • JavaScript 0.8%