Simple Client for the Intel Owl Project
2 ways to use it:
- as a library
- as a command line script
You can select which analyzers you want to run for every analysis you perform.
Note: To use this, you need a valid API token to interact with the IntelOwl server. Create the token from the IntelOwl admin interface and paste it into api_token.txt.
For additional help, we suggest watching the "How to use pyintelowl" YouTube video by Kostas.
Installation:
pip3 install pyintelowl
Library usage:
from pyintelowl.pyintelowl import IntelOwl
- ask_analysis_availability: search for already available analysis
- send_file_analysis_request: send a file to be analyzed
- send_observable_analysis_request: send an observable to be analyzed
- ask_analysis_result: request analysis result by job ID
- get_analyzer_configs: get the analyzers configuration
Command line usage:
python3 intel_owl_client.py -h
2 submodules: file and observable
Example (file):
python3 intel_owl_client.py -k <api_token_file> -i <url> -a PE_Info -a File_Info file -f <path_to_file>
Run all available analyzers (some of them could fail if you have not implemented the required configuration in the IntelOwl server):
python3 intel_owl_client.py -k <api_token_file> -i <url> -aa file -f <path_to_file>
Example (observable):
python3 intel_owl_client.py -k <api_token_file> -i <url> -a AbuseIPDB -a OTXQuery observable -v google.com
Get the analyzers configuration:
python3 intel_owl_client.py -k <api_token_file> -i <url> -gc