Building blocks for automation workflows
#help
channel in Tracecat Discord is the place to be!Add action
Configure action
save
.Pass malware sample to webhook
https://runner.tracecat.com/webhooks/<path>/<secret>
.
This URL will differ for every user and action block.You can pass data into the webhook using cURL.
In the following example, we send the webhook a SHA-256 malware sample:Receive URL
will have the key receive_url
.Get malware report
url
input field with the following:
https://mb-api.abuse.ch/api/v1/query=get_info&hash={{ $.receive_malware_sample.payload.malware_sha256 }}
method
input field to POST
.{{ $.receive_malware_sample.payload.malware_sha256 }}
is the JSONPath query to get the malware sample from the previous action’s output.#help
channel in Tracecat Discord!Send malware report to yourself
receivers
input field with your email address.subject
input field to Malware report for {{ $.receive_malware_sample.payload.malware_sha256 }}
.content
input field to {{ $.get_malware_report.payload }}
.🎉 Congratulations
URLScan
Perform a security scan on a given URLVirusTotal
Get detailed report for a malware sampleMicrosoft Defender
Trigger a scan on a specific fileEmailRep
Retrieve reputation information for a given email addressGeoIP Lookup
Get the geographical location information for a given IP address.Slack
Send a message to a specific channel on Slack#feedback
channel in Tracecat Discord: