I wanted to share a neat API that works really well in InsightConnect, right now I’m accessing it via a REST plugin, but it could easily be converted into a plugin on its own.
https://apiflash.com/ allows you to pass a URL to it and it returns a URL to a jpeg of a screenshot of the website.
This works great with InsightConnect because using the Markdown in an Artifact you can include this image.
It doesn’t follow all the links on the page like a JoeSandbox would, but we are using this to see what the links would look like in a Phishing Workflow.
Having it as an Artifact allows an analyst to quickly tell if a link is trying to look like a login page even if something like VirusTotal comes back clean.
Attached is an example Artifact showing today’s google page, hopefully someone will find this useful.