Intel Owl Logo

Intel Owl

0
Free
Visit Website

IntelOwl is an Open Source solution for management of Threat Intelligence at scale. It integrates a number of analyzers available online and a lot of cutting-edge malware analysis tools. Features: * Enrichment of Threat Intel for files as well as observables (IP, Domain, URL, hash, etc). * A Fully-fledged REST APIs written in Django and Python. * An easy way to be integrated in your stack of security tools to automate common jobs usually performed, for instance, by SOC analysts manually. * (Thanks to the official libraries pyintelowl and go-intelowl) * A built-in GUI: provides features such as dashboard, visualizations of analysis data, easy to use forms for requesting new analysis, etc. * A framework composed of modular components called Plugins: analyzers that can be run to either retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from scratch.

FEATURES

ALTERNATIVES

yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.

A tool for creating custom detection rules from YAML input

A threat intelligence platform that monitors, analyzes, and provides detailed information about threat actors targeting non-human identities across various industries.

Get insights into the latest cybersecurity trends and expert advice on enhancing organizational security.

The Ransomware Tool Matrix is a repository that lists and categorizes tools used by ransomware gangs, aiding in threat hunting, incident response, and adversary emulation.

QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.

CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.

A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.

PINNED