Accepts a url link, IP, or domain to be detonated using urlscan.io API connector.
- Type: Investigation
- Product: Splunk SOAR
- Apps: urlscan.io
- Last Updated: 2023-03-23
- Author: Teoderick Contreras, Splunk
- ID: a1173c28-7b33-4a56-9d7f-5dbbca595cb0
How To Implement
This input playbook requires the urlscan.io API connector to be configured. It is designed to work in conjunction with the Dynamic Attribute Lookup playbook or other playbooks in the same style.
|D3-DA||Dynamic Analysis||Executing or opening a file in a synthetic "sandbox" environment to determine if the file is a malicious program or if the file exploits another program such as a document reader.||File Analysis|
source | version: 1