Skip to main content
All CollectionsTemplatesBasic
Slack Mention to Analyze Suspicious URLs and IPs with VirusTotal - Workflow Template
Slack Mention to Analyze Suspicious URLs and IPs with VirusTotal - Workflow Template

Receive a suspicious list of URLs and/or IPs from Slack, scan using VirusTotal, and report back to the Slack thread the results.

Updated over 6 months ago

The "Slack Mention to Analyze Suspicious URLs and IPs with VirusTotal" workflow template is designed to automate security checks in response to Slack events. Upon triggering by the keyword "analyze" in a Slack mention, it scans for IP addresses and URLs within the message, checks them against VirusTotal, and shares the findings back in the Slack thread, streamlining the process to quickly identify potential threats.

Trigger

Slack

Use Cases

Security Bots

Workflow Breakdown

  1. Respond to a mention event from Slack with the keyword "analyze"

  2. Filter for IPs and URLs from the event

  3. Scan IPs if provided in the event and send the results

  4. Scan URLs if provided in the event and send the results

  5. Send message at the end of the workflow

Vendors

Slack, Utils, VirusTotal

Workflow Output

Updates via Slack

Tips

Results will be provided to the originator and original Slack thread

Did this answer your question?