Skip to main content
All CollectionsTemplatesBasic
Slack Mention to Analyze Suspicious URLs and IPs with VirusTotal - Workflow Template
Slack Mention to Analyze Suspicious URLs and IPs with VirusTotal - Workflow Template

Receive a suspicious list of URLs and/or IPs from Slack, scan using VirusTotal, and report back to the Slack thread the results.

Updated over 6 months ago

The "Slack Mention to Analyze Suspicious URLs and IPs with VirusTotal" workflow template is designed to automate security checks in response to Slack events. Upon triggering by the keyword "analyze" in a Slack mention, it scans for IP addresses and URLs within the message, checks them against VirusTotal, and shares the findings back in the Slack thread, streamlining the process to quickly identify potential threats.

Take Me to the Template

Trigger

Slack

Use Cases

Security Bots

Workflow Breakdown

  1. Respond to a mention event from Slack with the keyword "analyze"

  2. Filter for IPs and URLs from the event

  3. Scan IPs if provided in the event and send the results

  4. Scan URLs if provided in the event and send the results

  5. Send message at the end of the workflow

Vendors

Slack, Utils, VirusTotal

Workflow Output

Updates via Slack

Tips

Results will be provided to the originator and original Slack thread

Related Articles
VirusTotal
Monitor and Handle Mailbox Folder for Phishing via IMAP - Workflow Template
Teams Mention to Analyze Suspicious URLs and IPs with VirusTotal - Workflow Template
Check if IPv4 Address is Part of an AWS IP Network Block - Workflow Template
Monitor an Outlook Mailbox for Phishing with VirusTotal - Workflow Template
Did this answer your question?