Skip to main content

Workflow Template: Analyze URL with HyperAgent

HyperAgent scans suspicious URLs for phishing: decodes, defangs, checks infrastructure, inspects content, scores risk with OCSF output.

Updated this week

The "Analyze URL with HyperAgent" workflow template is designed for threat hunting and threat intelligence enrichment by analyzing suspicious URLs for phishing indicators. It employs a comprehensive 6-phase analysis protocol, including URL decoding, defanging, connectivity testing, content inspection, and risk scoring using the OCSF framework. The workflow outputs an OCSF-formatted JSON object and a detailed HTML report, providing actionable insights into potential phishing threats.

Take Me to the Template

Optional Triggers

["Workflow can be initiated from an 'Observable Created' trigger."]

Use Cases

Threat Hunting , Threat Intelligence Enrichment

Workflow Breakdown

  1. HyperAgent enriches URLs through a 6-phase analysis protocol, detecting phishing indicators and delivering an OCSF risk score.

  2. Renders a self-contained HTML phishing analysis report embedding the full analysis data and screenshot.

Vendors

Utils

Workflow Output

OCSF-formatted enrichment as a JSON object and URL of the rendered HTML report.

Tips

Related Articles
Workflow Template: Analyze File with ANY.RUN and Provide a Verdict
Workflow Template: URLScan URL Enrichment with Cache
Workflow Template: VirusTotal URL Enrichment with Cache
Workflow Template: Scan URLs with URLScan and Provide a Summary
Workflow Template: Decode Safe Links
Did this answer your question?