A Python package and command line utility for scanning emails with YARA rules
Project description
yaramail
is a Python package and command line utility for scanning emails with
YARA rules. It is ideal for automated triage of phishing reports.
CLI Demo
Features
- Scans all parts of an email via API or CLI
- Headers
- Removes header indents by default for consistent scanning
- Plain text and HTML body content
- Converts body content to Markdown by default for consistent scanning
- Attachments
- Raw file content
- Emails attached to emails
- PDF document text
- ZIP file contents, including nested ZIP files
- Uses message body content as a list of possible ZIP passwords
- Customizable list of passwords to use when attempting to scan encrypted ZIP files
- Headers
- Provides a built-in methodology for categorizing emails
- Parses
Authentication-Results
headers
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
yara_mail-3.2.0.tar.gz
(14.4 kB
view hashes)
Built Distribution
yara_mail-3.2.0-py3-none-any.whl
(15.1 kB
view hashes)
Close
Hashes for yara_mail-3.2.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5d887d599dc426249c929e1da843a471ad0694bd2324dc043aad4f68f262516e |
|
MD5 | 1de1a6cadc19e40257236fb7bc26b0cb |
|
BLAKE2b-256 | 68545c1dc90a813c0b9ca682303e3be74a11b39778a64c57dd4460188f0521b8 |