
Intel Owl
#Threat Defense #Threat Management
A modular tool for collecting intelligence sources for files and outputting in CSV format.
IntelOwl: An Open Source Solution for Threat Intelligence Management
IntelOwl is an Open Source solution designed for the effective management of Threat Intelligence at scale.
It integrates various analyzers that are available online, along with many advanced tools for malware analysis.
Features
* Enrichment of Threat Intel for files as well as observables such as IP addresses, Domains, URLs, hashes, and more.
* A comprehensive set of REST APIs developed using Django and Python.
* A straightforward method to integrate into your security tool stack, allowing for the automation of common tasks typically performed manually by SOC analysts (thanks to the official libraries: pyintelowl and go-intelowl).
* An integrated GUI that offers features like a dashboard, visualizations of analysis data, and user-friendly forms for requesting new analyses.
* A framework made up of modular components known as Plugins: these analyzers can either pull data from external sources (like VirusTotal or AbuseIPDB) or generate intelligence from scratch.

