A Python package and command line utility for scanning emails with YARA rules
Project description
yaramail
is a Python package and command line utility for scanning emails with
YARA rules. It is Ideal for automated triage of phishing reports.
Features
- Scans all parts of an email via API or CLI
- Headers
- Removes header indents by default for consistent scanning
- Plain text and HTML body content
- Converts body content to Markdown by default for consistent scanning
- Attachments
- Raw file content
- Emails attached to emails
- PDF document text
- ZIP file contents, including nested ZIP files
- Uses message body content as a list of possible ZIP passwords
- Customizable list of passwords to use when attempting to scan encrypted ZIP files
- Headers
- Provides a built-in methodology for categorizing emails
- Parses
Authentication-Results
headers
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
yara_mail-3.1.8.tar.gz
(14.1 kB
view hashes)
Built Distribution
yara_mail-3.1.8-py3-none-any.whl
(14.9 kB
view hashes)
Close
Hashes for yara_mail-3.1.8-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 34d7a0ef916cebe61d6308cba5b399fb5bb8cd0d46fdd319d90022e9bb44c0e8 |
|
MD5 | 6221e1bf75264150449eb1dcf089e12f |
|
BLAKE2b-256 | 1a0eee4b96e5c4a963178f4826115685839b61ac99c69fbb2fa62239525fadd0 |