一个cli脚本,用于分析eml格式的电子邮件,以查看邮件头、提取附件等。
eml-analyzer的Python项目详细描述
埃姆拉内泽
一个cli脚本,用于分析eml格式的电子邮件,以查看邮件头、提取附件等
安装
用pip安装软件包
pip install eml-analyzer
使用
键入emlAnalyzer --help
查看帮助。在
示例
例1
$ emlAnalyzer -i email_1.eml
=================
|| Structure ||
=================
|- text/html
=========================
|| URLs in HTML part ||
=========================
- https://suspicious.site.com/Zajnad
===============================================
|| Reloaded Content (aka. Tracking Pixels) ||
===============================================
[+] No content found which will be reloaded from external resources
===================
|| Attachments ||
===================
[+] E-Mail contains no attachments
例2
$ emlAnalyzer -i email_2.eml
=================
|| Structure ||
=================
|- multipart/mixed
| |- multipart/related
| | |- text/html
| | |- image/jpeg [image002.jpg]
| | |- image/jpeg [image003.jpg]
| | |- image/png [image004.png]
| |- message/rfc822
| | |- multipart/alternative
| | | |- text/plain
| | | |- text/html
=========================
|| URLs in HTML part ||
=========================
- https://example.company.com/random/link
- mailto:john.doe@company.com
===============================================
|| Reloaded Content (aka. Tracking Pixels) ||
===============================================
[+] No content found which will be reloaded from external resources
===================
|| Attachments ||
===================
[1] image002.jpg image/jpeg inline
[2] image003.jpg image/jpeg inline
[3] image004.png image/png inline
例3
$ emlAnalyzer -i email_1.eml --header
==============
|| Header ||
==============
From..........................................John Doe <asjkasd@asdasd123.com>
To............................................"bob@company.at" <bob@company.at>
Subject.......................................RANDOM SUBJECT
Thread-Topic..................................RANDOM SUBJECT
X-MS-Exchange-MessageSentRepresentingType.....1
Date..........................................Tue, 19 May 2020 07:02:37 +0000
Accept-Language...............................de-DE, en-US
Content-Language..............................de-DE
X-MS-Exchange-Organization-AuthAs.............Anonymous
X-MS-Has-Attach...............................
X-MS-TNEF-Correlator..........................
x-fireeye.....................................Clean
x-rmx-source..................................123.123.123.123
Content-Type..................................text/html; charset="iso-8859-1"
Content-Transfer-Encoding.....................quoted-printable
MIME-Version..................................1.0
- 项目
标签: