October 24, 2019

New year, new tool: Intel Owl

We would like to open this new decade by releasing a new tool called Intel Owl. We hope it will help the community, in particular researchers who cannot afford commercial solutions, to generate threat intelligence data in a simple, scalable and reliable way.

Main features:

  • modern Django-Python application: easy to understand and to build on
  • it can get data from multiple sources with a single API request
  • 40 available analyzers that you can use to generate or retrieve data about a suspicious file or observable (IP, domain, …)
  • official client available on GitHub: PyIntelOwl
  • easy to integrate with other tools thanks to the REST API framework and the PyIntelOwl library
  • easily and completely customizable, both the APIs and the analyzers
  • early compatibility with some of the AWS services, with more to come
  • fast and reliable deployment: clone the project, set up the configuration and then you are ready to run it via docker-compose

For more information, we invite you to check the documentation and the code available on GitHub.

Feel free to ask the author anything that comes to mind about the project:

Every suggestion or contribution is really appreciated.

Keep hunting malware! We are cheering for you :)

 Matteo Lodi, Threat Intel Team Leader
