samples
turbot/flowpipe-samples/lookup-iocs

Lookup File hash In Different Tools

A composite Flowpipe mod that lookup a file hash in VirusTotal, Urlscan and other tools.

Run the pipeline

To run this pipeline from your terminal:

flowpipe pipeline run lookup_iocs.pipeline.lookup_file_hash \
--arg 'file_hash=<string>'

Use this pipeline

To call this pipeline from your pipeline, use a step:

step "pipeline" "step_name" {
pipeline = lookup_iocs.pipeline.lookup_file_hash
args = {
file_hash = <string>
}
}

Params

NameTypeRequiredDescriptionDefault
urlscan_credstringYesName for URLScan.io credentials to use. If not provided, the default credentials will be used.default
hybrid_analysis_api_keystringYesAPI key to authenticate requests with Hybrid Analysis.Your_Hybrid_Analysis_API_Key
file_hashstringYesThe file hash to be scanned.-
virustotal_credstringYesName for VirusTotal credentials to use. If not provided, the default credentials will be used.default

Outputs

NameDescription
lookup_file_hash