yaraMail Logo

yaraMail

0
Free
Visit Website

Yara Scanner For IMAP Feeds and saved Streams Reads an smtp formatted email file or connects to IMAP/POP server, reads emails and extracts attachments. Scans attachments with chosen Yara rule file. Writes the results to a Report File. Deletes the tmp dir created. Usage: IMAP Feed: python yaraMail.py -e -o sampleReport.txt -i -u me@you.com -p password -f inbox sample.yar imap.gmail.com POP Feed: python yaraMail.py -e -o sampleReport.txt -w -u you@me.com -p password sample.yar pop3.live.com From File: python yaraMail.py -e -o sampleReport.txt sample.yar SampleMail.txt Reports: Here is an example of the report print out From: Kevin Breen email@email.com Subject: Subject Line Att Name: Name of attatch.ext Matched Rules: Rule_Name1 Rule_Name2 Misc: The Attachement extract also extracts any Body to the EMail in either text/plain or text/HTML format -The text body of the email is typically named as part-001.ksh (this is what python mime guesses the ext as) -The HTML Body of the text is typically named as part-002.html ToDo: -Add verbose output

FEATURES

ALTERNATIVES

A program to log login attempts on Telnet (port 23) and track the Mirai botnet

Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.

Makes output from the tcpdump program easier to read and parse.

A simple CORS misconfiguration scanner

A Burp Suite extension that formats GraphQL requests for easier reading

A tool for analyzing TCP packet traces with color support.

An open source, self-hosted implementation of the Tailscale control server.

SentryPeer is a fraud detection tool that monitors and detects fraudulent activities on SIP servers, capturing IP addresses and phone numbers of suspicious activities and providing a notification system to service providers.

PINNED