yaraMail

Free

Yara Scanner for IMAP Feeds and Saved Streams

Reads an SMTP-formatted email file, or connects to an IMAP/POP server and reads emails, then extracts the attachments. Scans the attachments with the chosen Yara rule file. Writes the results to a report file. Deletes the temporary directory it created.

Usage:

IMAP Feed:
    python yaraMail.py -e -o sampleReport.txt -i -u me@you.com -p password -f inbox sample.yar imap.gmail.com

POP Feed:
    python yaraMail.py -e -o sampleReport.txt -w -u you@me.com -p password sample.yar pop3.live.com

From File:
    python yaraMail.py -e -o sampleReport.txt sample.yar SampleMail.txt

Reports:

Here is an example of the report printout:

    From: Kevin Breen email@email.com
    Subject: Subject Line
    Att Name: Name of attatch.ext
    Matched Rules: Rule_Name1 Rule_Name2

Misc:

The attachment extraction also extracts any body of the email in either text/plain or text/HTML format, so the message bodies are written out alongside the attachments.
- The text body of the email is typically named part-001.ksh (this is the extension that Python's MIME type guessing assigns).
- The HTML body of the email is typically named part-002.html.

ToDo:
- Add verbose output

FEATURES

ALTERNATIVES

Azure DDoS Protection and Mitigation Services by Microsoft Azure for secure cloud solutions.

A service for better visibility on networking issues in Kubernetes clusters by detecting traffic denied by iptables.

Set up your own IPsec VPN server in just a few minutes with IPsec/L2TP, Cisco IPsec, and IKEv2.

Open source framework for network traffic analysis with advanced features.

A Burp Suite extension that formats GraphQL requests for easier reading

A tool for performing subdomain enumeration using Censys API

Simple perl script for making Modbus transactions from the command line.

Provides AI-driven cybersecurity solutions including assessments, training, compliance services, and insurance audits to help organizations reduce risk and build a security-aware culture.