Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/faizan-khanx/faizanheaders
An forensics tool to help aid in the investigation of spoofed emails based off the email headers.
https://github.com/faizan-khanx/faizanheaders
Last synced: about 5 hours ago
JSON representation
An forensics tool to help aid in the investigation of spoofed emails based off the email headers.
- Host: GitHub
- URL: https://github.com/faizan-khanx/faizanheaders
- Owner: Faizan-Khanx
- License: mit
- Created: 2024-08-21T17:39:48.000Z (3 months ago)
- Default Branch: main
- Last Pushed: 2024-08-22T18:02:57.000Z (3 months ago)
- Last Synced: 2024-08-22T20:48:34.587Z (3 months ago)
- Language: Python
- Size: 15.6 KB
- Stars: 0
- Watchers: 1
- Forks: 1
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## About FaizanHeaders
- What is FaizanHeaders?
**FaizanHeaders** is a python based forensic tool which reads through the email headers from the email file and extracts crucial information to identify if the email is legitimate.
- What are the advantages of using FaizanHeaders?
Have you ever heared of **email hacking** or **sophisticated email crimes** where a spoofed email is sent to the victim and the victim trusts this email based on the email address which is infact fake. These email contains mallicious links which can be used to extract some information or install some malware or backdoors on your device. So, in order to avoid you from this FaizanHeaders comes to your rescue.
Here I have added instructions on how to download the email from the file and then pass it to the FaizanHeaders executable. It then parses the headers and informs you if the mail is genuine or not. Whenever you are suspicious about an email be sure to check it once here. It can save you in most of the scenarios. If anyone has some ideas/updates feel free to open an issue or create a pull request.
- What are the information revealed by the FaizanHeaders?
FaizanHeaders parses the following headers:
* Message-ID
* SPF-Record
* DKIM-Record
* DMARC-Record
* Spoofed Email detection based on the above headers
* IP-Address of the sender
* Service Provider used for sending the email
* Content-Type
* Data and Time
* Subject
- Why is it important to check such parameters?
* [ONGC Email Phising](https://indianexpress.com/article/business/companies/identity-theft-ongc-falls-prey-to-cyber-fraud-loses-rs-197-crore/)
There are many more such cases which you can find online releated to email crimes.
## Installation
You have two methods to use FaizanHeaders. Either you can download the github repo and run the FaizanHeaders.py file from the command line. Make sure you have all requirements installed in this case like python3. You may also run the standalone binaries. This is for those who have very little technical knowledge.
1. Clone the repository
```(bash)
git clone https://github.com/Faizan-Khanx/FaizanHeaders
```
2. Running from the FaizanHeaders.py file
```(bash)
cd FaizanHeaders
python3 FaizanHeaders.py
```
## Usage
Either you are on windows or linux first download the original metadata of the email using the **show original** / **view raw** / **download original** option.
Then we pass the `eml` file to the executable.
#
### Linux
1. Use `FaizanHeaders.py` from the cloned repo. (Python is required)
```
python3 FaizanHeaders.py -f a.eml
```
## Demo
This is a sample demonstration explaining all the procedures. First it has the steps for running on linux then it has the steps needed for running on windows just in case you are struck.
# Feedback
- If you have any feedback, please reach out to us at
- [INSTAGRAM](https://instagram.com/ethicalfaizan)
- [GITHUB](https://github.com/faizan-khanx)
- [EMAIL](mailto:[email protected])