
EML analyzer is an application for analyzing EML files.

Primary language: Python. License: MIT.

EML analyzer


EML analyzer is an application for analyzing EML files. It can:

  • Analyze headers.
  • Analyze bodies.
    • Extract IOCs (URLs, domains, IP addresses, emails) in bodies.
  • Analyze attachments.
    • Identify whether attachments contain suspicious OLE files.
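A minimal sketch of the checks listed above, using only the Python standard library. It is an added example, not eml_analyzer's own code: the function names, regular expressions and sample message are assumptions for illustration, and the OLE check only compares an attachment's leading bytes with the OLE2 compound-file signature.

```python
import re
from email import message_from_bytes, policy
from urllib.parse import urlsplit

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # OLE2 compound file signature
URL_RE = re.compile(r"https?://[^\s\"'<>]+")
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

# Added example: all names are hypothetical; the sample message is constructed.
SAMPLE_EML = b"\r\n".join([
    b"From: sender@example.com",
    b"Subject: Invoice",
    b'Content-Type: multipart/mixed; boundary="b1"',
    b"",
    b"--b1",
    b"Content-Type: text/plain; charset=utf-8",
    b"",
    b"Pay at http://login.example.net/pay or 192.0.2.10, ask billing@example.com",
    b"--b1",
    b"Content-Type: application/msword",
    b'Content-Disposition: attachment; filename="invoice.doc"',
    b"Content-Transfer-Encoding: base64",
    b"",
    b"0M8R4KGxGuEAAAAA",  # base64 of the OLE2 magic plus four zero bytes
    b"--b1--", b"",
])

def is_ip(value):  # IPv4 dotted quad with every octet below 256
    return bool(IP_RE.fullmatch(value)) and all(int(o) < 256 for o in value.split("."))

def analyze_eml(raw):
    msg = message_from_bytes(raw, policy=policy.default)
    iocs = {"urls": set(), "domains": set(), "ips": set(), "emails": set()}
    ole = []
    for part in msg.walk():
        if part.is_attachment():
            # Undo the transfer encoding, then compare the leading bytes.
            if (part.get_payload(decode=True) or b"").startswith(OLE_MAGIC):
                ole.append(part.get_filename())
        elif part.get_content_maintype() == "text":
            text = part.get_content()
            iocs["urls"].update(URL_RE.findall(text))
            iocs["ips"].update(ip for ip in IP_RE.findall(text) if is_ip(ip))
            iocs["emails"].update(EMAIL_RE.findall(text))
    hosts = {urlsplit(u).hostname or "" for u in iocs["urls"]}
    iocs["domains"].update(h for h in hosts if h and not is_ip(h))
    iocs["domains"].update(e.split("@")[1].lower() for e in iocs["emails"])
    return {"headers": dict(msg.items()), "iocs": iocs, "ole_attachments": ole}
```

Calling `analyze_eml(SAMPLE_EML)` returns the headers, the IOC sets and the filenames of attachments that start with the OLE2 signature.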

Installation

Docker

git clone https://github.com/ninoseki/eml_analyzer.git
cd eml_analyzer
docker build . -t eml_analyzer
docker run -i -d -p 8000:8000 eml_analyzer

The application is then available at http://localhost:8000/ in your browser.

Heroku

Alternatively, you can deploy the application on Heroku.


ToDo

  • Support the MSG format.
  • In-depth attachment analysis using oletools.