<div align="center">
<img src="https://seanthegeek.github.io/yaramail/_static/yaramail-logo.png" alt="yaramail logo">
<h1 style=>yaramail</h1>
[![Python tests](https://github.com/seanthegeek/yaramail/actions/workflows/python-tests.yaml/badge.svg)](https://github.com/seanthegeek/yaramail/actions/workflows/python-tests.yaml)
[![PyPI](https://img.shields.io/pypi/v/yara-mail)](https://pypi.org/project/yara-mail/)
[![PyPI - Downloads](https://img.shields.io/pypi/dm/yara-mail?color=blue)](https://pypistats.org/packages/yara-mail)
</div>
`yaramail` is a Python package and command line utility for scanning emails with
[YARA rules][yara]. It is ideal for automated triage of phishing reports.
## CLI Demo
[![asciicast](https://asciinema.org/a/529801.svg)][cli-demo]
## Features
- Scans all parts of an email via API or CLI
- Headers
- Removes header indents by default for consistent scanning
- Plain text and HTML body content
- Converts body content to Markdown by default for consistent scanning
- Attachments
- Raw file content
- Emails attached to emails
- PDF document text
- ZIP file contents, including nested ZIP files
- Uses message body content as a list of possible ZIP passwords
- Customizable list of passwords to use when attempting to scan encrypted ZIP files
- Provides a built-in methodology for categorizing emails
- Parses `Authentication-Results` headers
[yara]: https://yara.readthedocs.io/en/stable/writingrules.html
[cli-demo]: https://seanthegeek.github.io/yaramail/tutorial.html#using-the-cli
Raw data
{
"_id": null,
"home_page": null,
"name": "yara-mail",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": null,
"keywords": "YARA,email,information security,infosec,security",
"author": null,
"author_email": "Sean Whalen <whalenster@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/5c/4a/0fd1dc35a711b6fca9c299168f67725ebabe211d17d8564a86272ef9095d/yara_mail-3.2.0.tar.gz",
"platform": null,
"description": "<div align=\"center\">\n <img src=\"https://seanthegeek.github.io/yaramail/_static/yaramail-logo.png\" alt=\"yaramail logo\">\n<h1 style=>yaramail</h1>\n\n [![Python tests](https://github.com/seanthegeek/yaramail/actions/workflows/python-tests.yaml/badge.svg)](https://github.com/seanthegeek/yaramail/actions/workflows/python-tests.yaml)\n [![PyPI](https://img.shields.io/pypi/v/yara-mail)](https://pypi.org/project/yara-mail/)\n [![PyPI - Downloads](https://img.shields.io/pypi/dm/yara-mail?color=blue)](https://pypistats.org/packages/yara-mail)\n</div>\n\n`yaramail` is a Python package and command line utility for scanning emails with\n[YARA rules][yara]. It is ideal for automated triage of phishing reports.\n\n## CLI Demo\n\n[![asciicast](https://asciinema.org/a/529801.svg)][cli-demo]\n\n## Features\n\n- Scans all parts of an email via API or CLI\n - Headers\n - Removes header indents by default for consistent scanning\n - Plain text and HTML body content\n - Converts body content to Markdown by default for consistent scanning\n - Attachments\n - Raw file content\n - Emails attached to emails\n - PDF document text\n - ZIP file contents, including nested ZIP files\n - Uses message body content as a list of possible ZIP passwords\n - Customizable list of passwords to use when attempting to scan encrypted ZIP files\n- Provides a built-in methodology for categorizing emails\n- Parses `Authentication-Results` headers\n\n[yara]: https://yara.readthedocs.io/en/stable/writingrules.html\n[cli-demo]: https://seanthegeek.github.io/yaramail/tutorial.html#using-the-cli\n",
"bugtrack_url": null,
"license": null,
"summary": "A Python package and command line utility for scanning emails with YARA rules",
"version": "3.2.0",
"split_keywords": [
"yara",
"email",
"information security",
"infosec",
"security"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "68545c1dc90a813c0b9ca682303e3be74a11b39778a64c57dd4460188f0521b8",
"md5": "1de1a6cadc19e40257236fb7bc26b0cb",
"sha256": "5d887d599dc426249c929e1da843a471ad0694bd2324dc043aad4f68f262516e"
},
"downloads": -1,
"filename": "yara_mail-3.2.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "1de1a6cadc19e40257236fb7bc26b0cb",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 15088,
"upload_time": "2023-04-08T03:20:27",
"upload_time_iso_8601": "2023-04-08T03:20:27.820171Z",
"url": "https://files.pythonhosted.org/packages/68/54/5c1dc90a813c0b9ca682303e3be74a11b39778a64c57dd4460188f0521b8/yara_mail-3.2.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "5c4a0fd1dc35a711b6fca9c299168f67725ebabe211d17d8564a86272ef9095d",
"md5": "b996672f78213474b2fc7fa227688f47",
"sha256": "d5d36fedaa641c311b7e96d3b86499a42a01467fff8fd2968070af712423f305"
},
"downloads": -1,
"filename": "yara_mail-3.2.0.tar.gz",
"has_sig": false,
"md5_digest": "b996672f78213474b2fc7fa227688f47",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 14366,
"upload_time": "2023-04-08T03:20:29",
"upload_time_iso_8601": "2023-04-08T03:20:29.170127Z",
"url": "https://files.pythonhosted.org/packages/5c/4a/0fd1dc35a711b6fca9c299168f67725ebabe211d17d8564a86272ef9095d/yara_mail-3.2.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-04-08 03:20:29",
"github": false,
"gitlab": false,
"bitbucket": false,
"lcname": "yara-mail"
}