A Python package and command line utility for scanning emails with YARA rules
Project description
yaramail
is a Python package and command line utility for scanning emails with
YARA rules. It is Ideal for automated triage of phishing reports.
Features
- Scans all parts of an email via API or CLI
- Headers
- Removes header indents by default for consistent scanning
- Plain text and HTML body content
- Converts body content to Markdown by default for consistent scanning
- Attachments
- Raw file content
- Emails attached to emails
- PDF document text
- ZIP file contents, including nested ZIP files
- Uses message body content as a list of possible ZIP passwords
- Customizable list of passwords to use when attempting to scan encrypted ZIP files
- Headers
- Provides a built-in methodology for categorizing emails
- Parses
Authentication-Results
headers
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
yara_mail-3.1.5.tar.gz
(14.1 kB
view hashes)
Built Distribution
yara_mail-3.1.5-py3-none-any.whl
(14.9 kB
view hashes)
Close
Hashes for yara_mail-3.1.5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2e0d09cb49e2dc27800decd5a17936a29931362ca0b00becd711ec09fcdf4d9b |
|
MD5 | 4686e2f9737a76dcf7c11950fbd20da8 |
|
BLAKE2b-256 | b0cadf2e91c3b01c94d8f64f43e6ff51f194ff743e9dbafbd130580c626dd284 |