Skip to main content
All CollectionsTemplatesBasic
Scan URLs with VirusTotal and Provide Summary Verdict - Workflow Template
Scan URLs with VirusTotal and Provide Summary Verdict - Workflow Template

Receive an array of URLs to scan with VirusTotal and provide a summary per URL of any malicious or suspicious count more than 1.

Updated over 6 months ago

This workflow template facilitates Threat Intelligence Enrichment by automating the scanning of a batch of URLs using VirusTotal. Upon receipt of an array of URLs, it executes a parallel loop to check each URL against VirusTotal's database. If initial results are absent, URLs are submitted for analysis and results are awaited. It produces a detailed report for each URL when at least one engine flags it as malicious or suspicious and delivers a summary of the entire URL set. Essential for organizations looking to bolster their cybersecurity posture with prompt and comprehensive URL threat analysis.

Take Me to the Template

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Receive an array of URLs from a parent workflow

  2. Loop over each URL in parallel

  3. Query VirusTotal for results. If results are found collect results.

  4. If results were not found, submit URL for analysis with VirusTotal and collect results

  5. Provide statistics per URL when 1 or more engines report malicious or suspicious and a summary count of all URLs

Vendors

Utils, VirusTotal

Workflow Output

Output of each URL that is found to be malicious or suspicious and a summary of all URLs in the array by malicious and suspicious count.

Related Articles
VirusTotal URL Enrichment with Cache - Workflow Template
VirusTotal File Hash Enrichment with Cache - Workflow Template
Submit a File for Analysis to VirusTotal with Cache - Workflow Template
Scan URLs with URLScan and Provide a Summary - Workflow Template
Monitor an Outlook Mailbox for Phishing with VirusTotal - Workflow Template
Did this answer your question?