Check IP in CIDR
Checks if an IP address belongs to a specific network (CIDR block). Returns True or False.
For example: The given IP 192.168.1.10, and the CIDR 192.168.1.0/24 will result in the output True.
| Parameter | Description |
|---|
| IP Address | The IP that needs to be checked as a plain string. |
| CIDR | The network, represented as a CIDR. |
Defang Entity
Alters potentially malicious content within a string entity (like a URL, email address, or domain) to make it appear harmless.
For example:
For the string: https://www.malwarebytes.com/malware, and the method Replace, the returned string will be: hXXps://www[.]malwarebytes[.]com/malware .
| Parameter | Description |
|---|
| String | The string entity that needs to be defanged. |
| Method | The “defanging” method. The supported methods are: - Replace - This method replaces sensitive parts (protocol prefixes in URLs,
@ in emails, and . in domains) with placeholders like hXXp:// and [at]. - Brackets - This method adds square brackets around the suspicious elements to visually indicate potential risk without altering the core content.
|
Decode URL
Converts a given URL encoded string into a string.
For example:
For the encoded string:https%3A//blinkops.com/utility%3Fname%3Ddecode_url, the returned string will be: https://blinkops.com/utility?name=decode_url.
| Parameter | Description |
|---|
| Encoded URL | The encoded URL that needs to be converted into a string. |
Encode URL
Converts a given url string into url encoded format.
For example:
For the string: https://blinkops.com/utility?name=encode_url, the returned encoded URL will be: https%3A//blinkops.com/utility%3Fname%3Dencode_url.
| Parameter | Description |
|---|
| URL | The URL that needs to be converted into URL-encoded format. |
Refang Entity
Reverts a defanged entity back to its original form.
For example:
For the string: hXXps://www[.]malwarebytes[.]com/malware, and the method Replace, the returned string will be: https://www.malwarebytes.com/malware.
| Parameter | Description |
|---|
| Defanged String | The string entity that needs to be reverted to its previous form. |
| Method | The “defanging” method used originally. The supported methods are: - Replace - This method replaces sensitive parts (protocol prefixes in URLs,
@ in emails, and . in domains) with placeholders like hXXp:// and [at]. - Brackets - This method adds square brackets around the suspicious elements to visually indicate potential risk without altering the core content.
|
WhoIs Query
The WhoIs Query utility action allows you to run a whois query on domains and IP addresses.
Some WhoIs commands might take some time as the command searches across all servers to find the requested data.In-case of a timeout we suggest to increase the Timeout in the action settings.
| Parameter | Description |
|---|
| WhoIs Query | The WhoIs query to run. |
