Official first announcement: Certego News
IntelOwl was designed to help the community, in particular researchers who cannot afford commercial solutions, generate threat intelligence data in a simple, scalable and reliable way.
modern Django-Python application: easy to understand and to build upon
it can get data from multiple sources with a single API request
more than 150 available analyzers that you can use to generate or retrieve data about a suspicious file or observable (IP, domain, …)
built-in web interface, written in React, that provides features such as a dashboard, visualizations of analysis data, easy-to-use forms for requesting new analyses and more.
official library and CLI client available on GitHub: PyIntelOwl
built-in support for integration with other SIEM/SOAR projects using connectors, specifically aimed at Threat Sharing Platforms.
easily integrable with other tools thanks to the REST API framework and to the PyIntelOwl library.
easily and completely customizable, both the APIs and the analyzers
compatibility with some of the AWS services. More in the future.
fast and reliable deployment: clone the project, set up the configuration and then you are ready to run it via docker-compose
Feel free to ask the author, Matteo Lodi (Twitter), anything that comes to mind about the project.
We also have a dedicated Twitter account for the project: @intel_owl.