Fileintel – Application to Pull Malicious Files Intelligence
Fileintel is a tool that collects intelligence about a given file from various sources. The tool is written in a modular fashion so new intelligence sources can be easily added.
Fileintel identifies files by file hash (MD5, SHA1, SHA256). The output is in CSV format and is sent to STDOUT, so the data can be saved or piped into another program. Because the output is CSV, spreadsheets such as Excel or database systems can import the data easily.

The tool allows threat intelligence resources to be added as required. Currently supported resources include:
- VirusTotal (Public API key and network I/O required, throttled when appropriate)
- NSRL Database
- ThreatCrowd (Network I/O required, throttled when appropriate)
- OTX by AlienVault (API key and network I/O required)
- ThreatExpert (Network I/O required)
You can read more and download this tool over here: https://github.com/keithjjones/fileintel