In part 1 of our "Automating abuse inbox management and phishing response" video series, we introduced the key concepts of Tines and built a basic story. In part 2 of the series, we go deep and add a lot of capability to our story, including:

  • Attachment analysis in VirusTotal
  • Real-time detonation of attachments in Hybrid Analysis
  • Analysis of URLs in URLScan.io
  • Collection of user responses with the Tines “Prompt Widget”

Shown below are the before and after diagrams:

Phishing Diagram Before and After

Download and import the Part 2 story file (right-click -> save as): phishing-response-abuse-inbox-management-part-2.

 

References:

URLScan.io: https://urlscan.io/

URLScan.io API Docs: https://urlscan.io/about-api/

Hybrid Analysis: https://www.hybrid-analysis.com/

Hybrid Analysis API Docs: https://www.hybrid-analysis.com/docs/api/v2

VirusTotal file submission: https://www.virustotal.com/en/documentation/public-api/#scanning-files

Tines Docs – Working with files: https://docs.tines.io/tines_agents_working_with_files.html

Tines Docs – Prompt widget: https://docs.tines.io/tines_agents_widgets.html