PyIntelOwl Logo

PyIntelOwl

0
Free
Visit Website

Robust Python SDK and Command Line Client for interacting with IntelOwl's API. Features Easy one-time configuration with self-documented help and hints along the way. Request new analysis for observables and files. Select which analyzers you want to run for every analysis you perform. Choose whether you want to HTTP poll for the analysis to finish or not. List all jobs or view one job in a prettified tabular form. List all tags or view one tag in a prettified tabular form. Tabular view of the analyzer_config.json and connector_config.json from IntelOwl with RegEx matching capabilities. Demo Installation: $ pip3 install pyintelowl For development/testing, pip3 install pyintelowl[dev] Quickstart As Command Line Client: On successful installation, The pyintelowl entry script should be directly invokable. For example, $ pyintelowl Usage: pyintelowl [OPTIONS] COMMAND [ARGS]... Options: -d, --debug Set log level to DEBUG --version Show the version and exit. -h, --help Show this message and exit. Commands: analyse Send a new analysis request analyzer-healthcheck Send a health check request for an analyzer... config Set or view config variables connector-healthcheck Send a health check req

FEATURES

ALTERNATIVES

Signature-based YARA rules for detecting and preventing threats within Linux, Windows, and macOS systems.

Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.

A collection of YARA rules for research and hunting purposes.

Amazon GuardDuty is a threat detection service for AWS accounts.

A platform providing an activity feed on exploited vulnerabilities.

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data.

A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity