
Intel Owl

Free

IntelOwl is an open source solution for managing threat intelligence at scale. It integrates a number of analyzers available online and a lot of cutting-edge malware analysis tools.

Features:

* Enrichment of threat intel for files as well as observables (IP, domain, URL, hash, etc.).
* A fully-fledged REST API written in Django and Python.
* An easy way to integrate with your stack of security tools to automate common jobs usually performed manually, for instance by SOC analysts (thanks to the official libraries pyintelowl and go-intelowl).
* A built-in GUI that provides features such as a dashboard, visualizations of analysis data, easy-to-use forms for requesting new analysis, etc.
* A framework composed of modular components called Plugins: analyzers that can be run to either retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from scratch.


ALTERNATIVES

Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.

A Pythonic framework for automated threat modeling shifting left.

A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.

The Ransomware Tool Matrix is a repository that lists and categorizes tools used by ransomware gangs, aiding in threat hunting, incident response, and adversary emulation.

A serverless application for creating and monitoring URL tokens with threat intelligence and customizable alerts.

DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.

eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.

A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.
