A cli script to analyze an E-Mail in the eml format for viewing the header, extracting attachments etc.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for debragail from gravatar.com debragail

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers
Report project as malware

Project description

emlAnalyzer

A cli script to analyze an E-Mail in the eml format for viewing the header, extracting attachments etc.

Installation

Install the package with pip

pip install eml-analyzer

Usage

Type emlAnalyzer --help to view the help.

usage: emlAnalyzer [OPTION]... [FILE]

A cli script to analyze an E-Mail in the eml format for viewing the header, extracting attachments etc.

optional arguments:
  -h, --help            show this help message and exit
  -i INPUT, --input INPUT
                        path to the eml-file (is required)
  --header              Shows the headers
  -x, --tracking        Shows content which is reloaded from external ressources in the HTML part
  -a, --attachments     Lists attachments
  --text                Shows plaintext
  --html                Shows HTML
  -s, --structure       Shows structure of the E-Mail
  -u, --url             Shows embedded links and urls in the html part
  -ea EXTRACT, --extract EXTRACT
                        Extracts the x-th attachment
  --extract-all		Extracts all attachments
  -o OUTPUT, --output OUTPUT
                        Path for the extracted attachment (default is filename in working directory)

Examples

Example 1

$ emlAnalyzer -i email_1.eml
 =================
 ||  Structure  ||
 =================
|- text/html

 =========================
 ||  URLs in HTML part  ||
 =========================
 - https://suspicious.site.com/Zajnad

 ===============================================
 ||  Reloaded Content (aka. Tracking Pixels)  ||
 ===============================================
[+] No content found which will be reloaded from external resources

 ===================
 ||  Attachments  ||
 ===================
[+] E-Mail contains no attachments

Example 2

$ emlAnalyzer -i email_2.eml
 =================
 ||  Structure  ||
 =================
|- multipart/mixed
|  |- multipart/related
|  |  |- text/html
|  |  |- image/jpeg                        [image002.jpg]
|  |  |- image/jpeg                        [image003.jpg]
|  |  |- image/png                         [image004.png]
|  |- message/rfc822
|  |  |- multipart/alternative
|  |  |  |- text/plain
|  |  |  |- text/html

 =========================
 ||  URLs in HTML part  ||
 =========================
 - https://example.company.com/random/link
 - mailto:john.doe@company.com

 ===============================================
 ||  Reloaded Content (aka. Tracking Pixels)  ||
 ===============================================
[+] No content found which will be reloaded from external resources

 ===================
 ||  Attachments  ||
 ===================
[1] image002.jpg        image/jpeg        inline
[2] image003.jpg        image/jpeg        inline
[3] image004.png        image/png         inline

Example 3

$ emlAnalyzer -i email_1.eml --header

 ==============
 ||  Header  ||
 ==============
From..........................................John Doe <asjkasd@asdasd123.com>
To............................................"bob@company.at" <bob@company.at>
Subject.......................................RANDOM SUBJECT
Thread-Topic..................................RANDOM SUBJECT
X-MS-Exchange-MessageSentRepresentingType.....1
Date..........................................Tue, 19 May 2020 07:02:37 +0000
Accept-Language...............................de-DE, en-US
Content-Language..............................de-DE
X-MS-Exchange-Organization-AuthAs.............Anonymous
X-MS-Has-Attach...............................
X-MS-TNEF-Correlator..........................
x-fireeye.....................................Clean
x-rmx-source..................................123.123.123.123
Content-Type..................................text/html; charset="iso-8859-1"
Content-Transfer-Encoding.....................quoted-printable
MIME-Version..................................1.0

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for debragail from gravatar.com debragail

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

This version

2.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

eml_parse-2.0.0-py3-none-any.whl (6.7 kB view details)

Uploaded Python 3

File details

Details for the file eml_parse-2.0.0-py3-none-any.whl.

File metadata

  • Download URL: eml_parse-2.0.0-py3-none-any.whl
  • Upload date:
  • Size: 6.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.3.0 pkginfo/1.7.0 requests/2.25.1 setuptools/51.3.3 requests-toolbelt/0.9.1 tqdm/4.56.0 CPython/3.7.9

File hashes

Hashes for eml_parse-2.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0af9dfbfef41f485b6bbc2f68f8b55437fe91056a469aa706b8f47d0d6adba34
MD5 24fcc9368f32f9de1ff667f5fa4c167b
BLAKE2b-256 7d6fcdc6ffefbdc31537995afd1e035c0bda69b3dd4bfc7694b66b82ca64966a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page