yaraMail Logo

yaraMail

0
Free
Updated 11 March 2025
Network Security
Yara
Rule Based Scanning
Visit Website

Yara Scanner For IMAP Feeds and saved Streams Reads an smtp formatted email file or connects to IMAP/POP server, reads emails and extracts attachments. Scans attachments with chosen Yara rule file. Writes the results to a Report File. Deletes the tmp dir created. Usage: IMAP Feed: python yaraMail.py -e -o sampleReport.txt -i -u me@you.com -p password -f inbox sample.yar imap.gmail.com POP Feed: python yaraMail.py -e -o sampleReport.txt -w -u you@me.com -p password sample.yar pop3.live.com From File: python yaraMail.py -e -o sampleReport.txt sample.yar SampleMail.txt Reports: Here is an example of the report print out From: Kevin Breen email@email.com Subject: Subject Line Att Name: Name of attatch.ext Matched Rules: Rule_Name1 Rule_Name2 Misc: The Attachement extract also extracts any Body to the EMail in either text/plain or text/HTML format -The text body of the email is typically named as part-001.ksh (this is what python mime guesses the ext as) -The HTML Body of the text is typically named as part-002.html ToDo: -Add verbose output

FEATURES

EXPLORE BY TAGS

Yara

Rule Based Scanning

SIMILAR TOOLS

wireshark Logo
wireshark

A free, open-source network protocol analyzer for capturing and displaying packet-level data.

Free
Network Security
AWS Shield Logo
AWS Shield

AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.

Free
Network Security
metahttp Logo
metahttp

A bash script for scanning a target network for HTTP resources through XXE

Free
Network Security
Malware Traffic Analysis Logo
Malware Traffic Analysis

A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.

Free
Network Security
RDPY Logo
RDPY

Pure Python implementation of Microsoft RDP protocol with various tools and support for different security layers.

Free
Network Security
ssh-honeypotd Logo
ssh-honeypotd

A low-interaction SSH honeypot written in C

Free
Network Security
Subfinder Logo
Subfinder

Fast passive subdomain enumeration tool

Free
Network Security
snmpcheck Logo
snmpcheck

A tool for enumerating information via SNMP protocol.

Free
Network Security
Detection and Hunting Signatures Logo
Detection and Hunting Signatures

A set of interrelated detection rules for improving detection and hunting visibility and context

Free
Network Security

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy