IntelOwl, an OSINT Tool discovering Threat Intelligence from multiple data sources

January 18, 2024

Do you want to get threat intelligence data about a malware, an IP or a domain from multiple sources at the same time using a single API request?

IntelOwl is an Open Source Intelligence, or OSINT solution to get threat intelligence data about a specific file, an IP or a domain from a single API at scale. It integrates a number of analyzers available online and a lot of cutting-edge malware analysis tools. It is for everyone who needs a single point to query for info about a specific file or observable.

Main features:

  1. Provides enrichment of Threat Intel for malware as well as observables (IP, Domain, URL, hash, etc).
  2. Can integrate easily in stack of security tools to automate common jobs usually performed, for instance, by SOC analysts manually.

IntelOwl is composed of:

  1. Analyzers that can be run to either retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from internally available tools (like Yara or Oletools)
  2. Connectors that can be run to export data to external platforms (like MISP or OpenCTI)
  3. Visualizers that can be run to create custom visualizations of analyzers results
  4. Playbooks that are meant to make analysis easily repeatable

Integration Developed by Loginsoft for Fraud Preventive Solutions API on IntelOwl:

Scan Observables
Analyzers Report

Get notified

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

BLOGS AND RESOURCES

Latest Articles

RansomHub Revealed: Threats, Tools, and Tactics

December 9, 2024

The Rise of INTERLOCK Ransomware

November 13, 2024

Fortifying the Cloud: A Guide to Securing Vulnerable Cloud Environments

October 23, 2024