Building a workflow for posting phish IOC’s into our Slack channel from an O 365 .msg file.
Looking to post a screenshot or image of the body of an email into a Slack message to give context in a decision.
Has anyone done anything like this? If so what are you using to capture the image or to convert the .msg file to jpg?
Can you just take parts of the message and format that in a way that’s easily digestible in slack?
Edit: I’m trying to dissuade you from the .jpg idea. I don’t think we can do the conversion.
Are you looking to post sender emails, URLs, and/or file hashes that are determined earlier in the workflow to be malicious? Or something else?
I’m looking to have a screenshot of the body of the email for context.
For example , check out this site.
https://www.zamzar.com/converters/document/msg-to-jpg/
I can upload a .msg file and convert it to jpg. Then take that jpg and send it in a Slack message along with other indicators to our security team. This allows us to review the body of the email without worry of clicking on url , etc, since it is a snapshot of the body instead of a .msg file with active links.
Interesting use case…makes sense. I would assume a plugin to zamzar on an equivalent service would be required to get this done leveraging automation.