Hostintel collects intelligence about hosts from various sources. It is written in a modular fashion so new intelligence sources can be added easily. Hosts are identified by FQDN host name, domain, or IP address. The tool only supports IPv4 at the moment. Output is in CSV format and sent to STDOUT, so the data can be saved or piped into another program, and spreadsheets such as Excel or database systems can import it easily. The tool works with Python v2 and Python v3. If you find it does not work with Python v3, please post an issue.
SIMILAR TOOLS
Automatic YARA rule generator based on Koodous reports with limited false positives.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.
InSights by InQuest is a threat intelligence platform that delivers curated feeds of IOCs and C2 information to help security teams detect and respond to emerging threats.
A collection of Yara rules for the Burp Yara-Scanner extension to identify malicious software on websites.
Zero Day Live is a threat intelligence platform that provides early detection of malware and zero-day vulnerabilities through a proprietary sensor network processing over 1 billion data points.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.