Intel Owl is an Open Source Intelligence (OSINT) solution to get threat intelligence data about a specific file, an IP or a domain from a single API at scale. It integrates a number of analyzers available online and is for everyone who needs a single point to query for info about a specific file or observable.
Born at the start of 2020 (announcement), this fresh and new tool was accepted as part of the Google Summer of Code under The Honeynet Project. Great improvements have been developed since the start of this project.
With the release of version 1.0.0, we are excited to announce a completely new and revamped web interface and some new features in our API to help you better manage your threat intelligence data.
Sneak peek of some features from the new web interface:
1. Want to get threat intelligence data quickly without having to wait for the entire analysis to end? We've got you covered! With the new interface, requesting a malware/observable scan takes just a few clicks and, as a bonus, you can go through the result as it keeps getting updated from our API in the background.
As you can see here, one can now add specific and custom tags to a new analysis. This helps you group different scans together and differentiate between them.
2. A dashboard to display different visualizations of analysis data, with the following features:
3. Intel Owl’s query power comes from the many (80+ and growing) different analyzers (external or internal) that are seamlessly integrated into the core API. Of course, with this comes the issue of managing them – so we have made it easy for you.
You can view the list of all analyzers along with their use-case and supported types in a tabular view which can be filtered, sorted or searched through. Along with this, there’s also a dendrogram tree view inspired by https://osintframework.com/.
Our motive is that the layman can easily understand and use the API in a way that prevents them from gathering noise and speeds up threat intelligence operations in their organization.
4. Different themes for different times of the day? We understand. Switch between dark and light themes in a single click without needing to refresh the page.
And we were saving the best part for last – this new web interface requires no extra configuration on your side; it’s lightweight and built into the core application.
Not impressed? More of a backend / "show me the code" person?
We suggest you try the application! It’s easy and fast: just follow the step-by-step instructions and, in a few minutes, you can get it running on your machine.
We are continuously working on under-the-hood improvements and optimizations and always looking for more contributors and feedback.
Don’t like something? Need help? Create an issue on the GitHub page and we will look into it.
Looking to contribute to Open Source? Here’s the list of beginner-friendly issues and the documentation on how to contribute.
Remember to star the project on GitHub and to follow the new official Twitter Account!
Co-authored: Eshaan Bansal & Matteo Lodi.