Hey community,
I have just started to implement a SOAR for below scenario and seeking advice on the same.
Obviously phishing emails do also contains images or buttons that takes us to a malicious URL. Now in my case, the URL is not directly malicious rather a captcha that if you solve will then take you to a malicious URL. I am thinking of if there's a way to command Secops SOAR to further check on a URL extracted from Image by solving captcha by itself?
I also need help to get the right parser for URL extraction from the image. Current, all I see is just domain.
