Unfurl v2025.02 released

    Published: 2025-02-24. Last Updated: 2025-02-24 20:41:04 UTC
    by Jim Clausing (Version: 1)
    0 comment(s)

    I've been a big fan of Ryan Benson's unfurl[1] tool since he released it a little over 5 years ago. Unfurl is a tool that can parse/decode URLs including things like embedded timestamps and IP addresses. It can be run in gui form via a web browser or as a command-line tool (my preference). Well, last week, Ryan released an update to v2025.02[2,3] of unfurl and added the ability to decode BlueSky URLs (among other bugfixes). I've also updated my docker container[4] to run the command-line version of unfurl as well.

    References:

    1. https://dfir.blog/introducing-unfurl/

    2. https://dfir.blog/unfurl-parses-obfuscated-ip-addresses/

    3. https://github.com/obsidianforensics/unfurl

    4. https://hub.docker.com/repository/docker/clausing/dfir-unfurl/general

    ---------------
    Jim Clausing, GIAC GSE #26
    jclausing --at-- isc [dot] sans (dot) edu

    Keywords: Decoding tools unfurl
    0 comment(s)
    ISC Stormcast For Monday, February 24th, 2025 https://isc.sans.edu/podcastdetail/9336

      Comments

      Login here to join the discussion.


      Diary Archives