intelowlproject/intelowl_nginx Docker 镜像 - 轩辕镜像
intelowlproject/intelowl_nginxIntelOwl Nginx custom build
0 次下载activeintelowlproject镜像
.
- A Fully-fledged REST APIs written in Django and Python.
- An easy way to be integrated in your stack of security tools to automate common jobs usually performed, for instance, by SOC analysts manually. (Thanks to the official libraries pyintelowl and go-intelowl)
- A built-in GUI: provides features such as dashboard, visualizations of analysis data, easy to use forms for requesting new analysis, etc.
- A framework composed of modular components called Plugins:
- analyzers that can be run to either retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from internally available tools (like Yara or Oletools)
- connectors that can be run to export data to external platforms (like MISP or OpenCTI)
- pivots that are designed to trigger the execution of a chain of analysis and connect them to each other
- visualizers that are designed to create custom visualizations of analyzers results in the GUI
- ingestors that allow to automatically ingest stream of observables or files to IntelOwl itself
- playbooks that are meant to make analysis easily repeatable
- data models to map the different data extracted from analyzers to a single common schema
- A starting point for analysts' Investigations: users can register their findings, correlate the information found, and collaborate...all in a single place
Documentation
We try hard to keep our documentation well written, easy to understand and always updated. All info about installation, usage, configuration and contribution can be found here
Publications and Media
To know more about the project and its growth over time, you may be interested in reading the official blog posts and/or videos about the project by clicking on this link
Available services or analyzers
You can see the full list of all available analyzers in the documentation.
| Type | Analyzers Available |
|---|---|
| Inbuilt modules | - Static Office Document, RTF, PDF, PE, ELF, APK File Analysis and metadata extraction - Strings Deobfuscation and analysis (FLOSS, Stringsifter, ...) - Yara, ClamAV (a lot of public rules are available. You can also add your own rules) - PE Emulation with Qiling and Speakeasy - PE Signature verification - PE Capabilities Extraction (CAPA and Blint) - Javascript Emulation (Box-js) - Android Malware Analysis (Quark-Engine, Androguard, Mobsf, ...) - SPF and DMARC Validator - PCAP Analysis with Suricata and Hfinger - Honeyclients (Thug, Selenium) - Scanners (WAD, Nuclei, ...) - more... |
| External services | - Abuse.ch MalwareBazaar/URLhaus/Threatfox/YARAify - GreyNoise v2 - Intezer - VirusTotal v3 - Crowdsec - URLscan - Shodan - AlienVault OTX - Intelligence_X - MISP - many more.. |
Partnerships and ***
As open source project maintainers, we strongly rely on external support to get the resources and time to work on keeping the project alive, with a constant release of new features, bug fixes and general improvements.
Because of this, we joined Open Collective to obtain US and EU non-profit equal level status which allows the organization to receive and manage donations transparently and with tax exemption. Please support IntelOwl and all the community by choosing a plan (BRONZE, SILVER, etc).
Certego
Certego is a MDR (Managed Detection and Response) and Threat Intelligence Provider based in Italy.
IntelOwl was born out of Certego's Threat intelligence R&D division and is mostly maintained and updated thanks to them.
The Honeynet Project
The Honeynet Project is a non-profit organization working on creating open source cyber security tools and sharing knowledge about cyber threats.
Thanks to Honeynet, we are hosting a public demo of the application here. If you are interested, please contact a member of Honeynet or an IntelOwl maintainer to get access to the public service.
Google Summer of Code
Since its birth this project has been participating in the Google Summer of Code (GSoC)!
If you are interested in participating in the next Google Summer of Code, check all the info available in the dedicated repository!
Docker
In 2021 IntelOwl joined the official Docker Open Source Program. This allows IntelOwl developers to easily manage Docker images and focus on writing the code. You may find the official IntelOwl Docker images here.
DigitalOcean
intelowlproject/intelowl
by intelowlproject
IntelOwl:大规模管理威胁情报
13100K+ pulls
上次更新:2 天前
intelowlproject/intelowl_malware_tools_analyzers
by intelowlproject
IntelOwl集成Capa、Floss、Qiling等恶意软件分析工具的Docker镜像,用于恶意软件分析。
10K+ pulls
上次更新:2 天前
intelowlproject/intelowl_pcap_analyzers
by intelowlproject
Intel Owl是一个开源威胁情报管理解决方案,集成多种在线分析器和恶意软件分析工具,通过单一API请求从多源获取威胁情报,支持文件及可观察对象(IP、域名等)的情报丰富,提供REST API和内置GUI,适用于安全自动化和SOC分析。
10K+ pulls
上次更新:3 天前
轩辕镜像配置手册
探索更多轩辕镜像的使用方法,找到最适合您系统的配置方式
登录仓库拉取
通过 Docker 登录认证访问私有仓库
Linux
在 Linux 系统配置镜像服务
Windows/Mac
在 Docker Desktop 配置镜像
Docker Compose
Docker Compose 项目配置
K8s Containerd
Kubernetes 集群配置 Containerd
K3s
K3s 轻量级 Kubernetes 镜像加速
宝塔面板
在宝塔面板一键配置镜像
群晖
Synology 群晖 NAS 配置
飞牛
飞牛 fnOS 系统配置镜像
极空间
极空间 NAS 系统配置服务
爱快路由
爱快 iKuai 路由系统配置
绿联
绿联 NAS 系统配置镜像
威联通
QNAP 威联通 NAS 配置
Podman
Podman 容器引擎配置
Singularity/Apptainer
HPC 科学计算容器配置
其他仓库配置
ghcr、Quay、nvcr 等镜像仓库
专属域名拉取
无需登录使用专属域名
需要其他帮助?请查看我们的 常见问题Docker 镜像访问常见问题解答 或 提交工单
镜像拉取常见问题
轩辕镜像免费版与专业版有什么区别?
免费版仅支持 Docker Hub 访问,不承诺可用性和速度;专业版支持更多镜像源,保证可用性和稳定速度,提供优先客服响应。
轩辕镜像支持哪些镜像仓库?
专业版支持 docker.io、gcr.io、ghcr.io、registry.k8s.io、nvcr.io、quay.io、mcr.microsoft.com、docker.elastic.co 等;免费版仅支持 docker.io。
流量耗尽错误提示
当返回 402 Payment Required 错误时,表示流量已耗尽,需要充值流量包以恢复服务。
410 错误问题
通常由 Docker 版本过低导致,需要升级到 20.x 或更高版本以支持 V2 协议。
manifest unknown 错误
先检查 Docker 版本,版本过低则升级;版本正常则验证镜像信息是否正确。
镜像拉取成功后,如何去掉轩辕镜像域名前缀?
使用 docker tag 命令为镜像打上新标签,去掉域名前缀,使镜像名称更简洁。
用户好评
来自真实用户的反馈,见证轩辕镜像的优质服务
oldzhang
运维工程师
Linux服务器
5
"Docker访问体验非常流畅,大镜像也能快速完成下载。"