An forensics tool to help aid in the investigation of spoofed emails based off the email headers.

Overview

                  logo
                   Stars Category License: MIT Pull Requests Py Version Demo Youtube
        A forensic tool to make analysis of email headers easy to aid in the quick discovery of the attacker.

Table of Contents

About mailMeta

  • What is mailMeta?

mailMeta is a python based forensic tool which reads through the email headers from the email file and extracts crucial information to identify if the email is legitimate.

  • What are the advantages of using mailMeta?

Have you ever heared of email hacking or sophisticated email crimes where a spoofed email is sent to the victim and the victim trusts this email based on the email address which is infact fake. These email contains mallicious links which can be used to extract some information or install some malware or backdoors on your device. So, in order to avoid you from this mailMeta comes to your rescue.

Here I have added instructions on how to download the email from the file and then pass it to the mailMeta executable. It then parses the headers and informs you if the mail is genuine or not. Whenever you are suspicious about an email be sure to check it once here. It can save you in most of the scenarios. If anyone has some ideas/updates feel free to open an issue or create a pull request.

  • What are the information revealed by the mailMeta? mailMeta parses the following headers:

    • Message-ID
    • SPF-Record
    • DKIM-Record
    • DMARC-Record
    • Spoofed Email detection based on the above headers
    • IP-Address of the sender
    • Service Provider used for sending the email
    • Content-Type
    • Data and Time
    • Subject
  • Why is it important to check such parameters?

    • ONGC Email Phising There are many more such cases which you can find online releated to email crimes.

Installation

You have two methods to use metaMail. Either you can download the github repo and run the meta.py file from the command line. Make sure you have all requirements installed in this case like python3. You may also run the standalone binaries. This is for those who have very little technical knowledge.


1. Clone the repository
  git clone https://github.com/gr33nm0nk2802/mailMeta
  1. Running from the meta.py file
  cd mailMeta
  python3 meta.py

git-clone

Additionally you can directly download the executable from the Releases and use them.

Usage


Either you are on windows or linux first download the original metadata of the email using the show original / view raw / download original option.

Then we pass the eml file to the executable.

This is a demo of how to download the mail. You should find something similar.

mail-download

Linux

  1. Use meta.py from the cloned repo. (Python is required)
python3 meta.py -f message.eml

metapy-linux

or

  1. Downloading the meta executable for linux and giving it executable permissions. Then supplying the eml file to the pre-compiled binary. (No dependencies)
wget https://github.com/gr33nm0nk2802/mailMeta/releases/download/1.0.0/meta
chmod +x meta
meta -f message.eml

meta-linux

Windows

  1. Executing the precompiled binaries downloaded from the releases page. (No dependencies needed)
meta.exe -f .\message.eml

win-meta-exe


or

  1. Running from the repository clonned (Python Required)
python3 meta.py -f message.eml

win-meta-py

Demo

This is a sample demonstration explaining all the procedures. First it has the steps for running on linux then it has the steps needed for running on windows just in case you are struck.

demo-gif

Contributions

Contributions and pull requests are highly encouraged for this project.

Inspiration

This project has been made as a part of the GPCSSIP 2021 under the mentorship of Rakshit Tandon sir to help aid in the detection of spoofed email and their tracking.

FAQ

What is the accuracy of this tool? This tool simply reads the raw data of the mail downloaded.

License

This project is licensed under the MIT license.

You might also like...
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.
Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.

Fuzz introspector Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potenti

A tool to crack a wifi password with a help of wordlist
A tool to crack a wifi password with a help of wordlist

A tool to crack a wifi password with a help of wordlist. This may take long to crack a wifi depending upon number of passwords your wordlist contains. Also it is slower as compared to social media accounts cracking. I've made enough efforts to make it as fast as possible

This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly

Pro_Crack Facebook Fast Cracking Tool This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly Installation On Te

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

mailcat The only cat who can find existing email addresses by nickname. Usage First install requirements: pip3 install -r requirements.txt Then just

Magicspoofing - A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name
Magicspoofing - A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name

A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name. This project is for educational use, we are not responsible for its misuse.

PoC for CVE-2021-45897 aka SCRMBT-#180 - RCE via Email-Templates (Authenticated only) in SuiteCRM <= 8.0.1
PoC for CVE-2021-45897 aka SCRMBT-#180 - RCE via Email-Templates (Authenticated only) in SuiteCRM = 8.0.1

CVE-2021-45897 PoC for CVE-2021-45897 aka SCRMBT-#180 - RCE via Email-Templates (Authenticated only) in SuiteCRM = 8.0.1 This vulnerability was repor

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

DirBruter DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by laun

Comments
  • Couldn't detect/analyze spoofed email

    Couldn't detect/analyze spoofed email

    hi, received this spoofed email but tried using mailMeta, it did not give much info on this spoofed email.

    mail.txt

    Return-Path: [email protected]

    Delivered-To: [email protected]

    Received: from herod.dnsvine.com

    by herod.dnsvine.com with LMTP
    
    id gA5JCtpa7mFxeQ4AYzko9Q
    
    (envelope-from <[email protected]>)
    
    for <[email protected]>; Mon, 24 Jan 2022 15:52:58 +0800
    

    Return-path: [email protected]

    Envelope-to: [email protected]

    Delivery-date: Mon, 24 Jan 2022 15:52:58 +0800

    Received: from mail-eopbgr1300103.outbound.protection.outlook.com ([40.107.130.103]:14955 helo=APC01-HK2-obe.outbound.protection.outlook.com)

    by herod.dnsvine.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    
    (Exim 4.94.2)
    
    (envelope-from <[email protected]>)
    
    id 1nBu9e-003ylP-F1; Mon, 24 Jan 2022 15:52:53 +0800
    

    ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;

    b=JYIbzZAHAleksvQ0oRj5+CaWTupFy3jvMS4M8IAVSyep4qdUTysei6HYYrdRnlR4LAeTgkb0ySMDXIFrTAPLxuC4wRFLhoI8j+Q1HZg6eqrvojGG5BkGNnYraRLeJfAypf4UftcsXxnjDSzfkOkI0Z3VJpqMR3hh6wph4rczg8HoyEjjfTn6ofe8bASM+NIObFHihFK0QXsy5WKkPIxSuQUo231VbycMtwgNqCLyzSHU/TmdOQL+1mePG1wHyuor6EJXX23i4kdGoy82DrLc4ZeClCZpdQBR8N5LsAvmXH01unN8zY6AjYHTTbed6fK2WqH2LWn7jz1u9hqaYFoTHQ==

    ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

    s=arcselector9901;

    h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

    bh=pj1BvmZvSopomFS5uE7XvJZ1WgKbJ43tIkqpjqwRB9U=;

    b=P0LpIS4skVuWmFbtgnX4eFXuj2MZ4LMgtxjY2aO2UiYNFJj2zbBetvXcUUAO9I8zcYlVONjqbTr15tdSi3dWi/HM2oE9AZ4MlcDTH9+6rMvwvwchVRCp5jM4BimUCmgqoLVvjjU+LaB5cprHL+9VjMWv5uLIOQCsDdYjU1MGUUI+heIGDzcrgCsXOSnjLcDOQzQilxagpTJE2f4fQS672YiNmrn7BspCVEVummsC6Pr6sfTi0NhOKQ7uQq6K8Y+ZgYPV1HXtqRH0w527VUJRALD3Stpoibh0rxP3eziCeXyIVhlxwCKL6ccY4BMw916g/WFbI8w1BHrSaNSZPMwDaw==

    ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

    dkim=none; arc=none

    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=travel.onmicrosoft.com;

    s=selector2-travel-onmicrosoft-com;

    h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

    bh=pj1BvmZvSopomFS5uE7XvJZ1WgKbJ43tIkqpjqwRB9U=;

    b=qzjZ7fIvq737g1o/kr8dtQV7Ruzb1lS1bDMd4CsF2KPeKci43zsmN2hsw/xMuDdTwhvxZPZxsIXn0szbDtpUX2uG/jI7/X4MCf8iZwxUHLDwo5BMViaIWzK+tfm+ZB+/uQJ2jetSMECu9pCuZK5Jj5AMiK4Zer6cRsUHlyfAT1k=

    Received: from KL1PR03MB4935.apcprd03.prod.outlook.com (2603:1096:820:1c::23)

    by HK0PR03MB3074.apcprd03.prod.outlook.com (2603:1096:203:4e::19) with

    Microsoft SMTP Server (version=TLS1_2,

    cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.6; Mon, 24 Jan

    2022 07:52:31 +0000

    Received: from KL1PR03MB4935.apcprd03.prod.outlook.com

    ([fe80::6147:e8df:b5a6:6cb3]) by KL1PR03MB4935.apcprd03.prod.outlook.com

    ([fe80::6147:e8df:b5a6:6cb3%3]) with mapi id 15.20.4930.014; Mon, 24 Jan 2022

    07:52:30 +0000

    From: Frederick Teng [email protected]

    Subject:

    =?utf-8?B?Rlc6IEpIIFllZSAmIENvIOKAk3x8IFJFOiBQUk9KRUsgTE9KSSBNRU5DVUNJ?=

    =?utf-8?B?IFBBU0lSIFNJTElLQSBESSBUQVBBSyBBVEFTIFNFQkFIQUdJQU4gS0FXQVNB?=

    =?utf-8?B?TiBUQU5BSCBESSBMT1QgNDI0NSwgS0FXQVNBTiBCVUtJVCBTQUdBLCBQRU5H?=

    =?utf-8?B?RVJBTkcgU0VMVUFTIDgwIEVLQVIgKOKAnFByb2playB0ZXJzZWJ1dOKAnSk=?=

    Thread-Topic:

    =?utf-8?B?Rlc6IEpIIFllZSAmIENvIOKAk3x8IFJFOiBQUk9KRUsgTE9KSSBNRU5DVUNJ?=

    =?utf-8?B?IFBBU0lSIFNJTElLQSBESSBUQVBBSyBBVEFTIFNFQkFIQUdJQU4gS0FXQVNB?=

    =?utf-8?B?TiBUQU5BSCBESSBMT1QgNDI0NSwgS0FXQVNBTiBCVUtJVCBTQUdBLCBQRU5H?=

    =?utf-8?B?RVJBTkcgU0VMVUFTIDgwIEVLQVIgKOKAnFByb2playB0ZXJzZWJ1dOKAnSk=?=

    Thread-Index: AdgH/hsPqCsgvw1rSi+pvzRPVZgXEw==

    Date: Mon, 24 Jan 2022 07:52:29 +0000

    Message-ID:

    KL1PR03MB49353[email protected]

    Accept-Language: en-US

    Content-Language: en-US

    X-MS-Has-Attach: yes

    X-MS-TNEF-Correlator:

    authentication-results: dkim=none (message not signed)

    header.d=none;dmarc=none action=none header.from=travel.com;

    x-ms-publictraffictype: Email

    x-ms-office365-filtering-correlation-id: 88c0e8cb-2116-4689-0ebc-08d9df0e7966

    x-ms-traffictypediagnostic: HK0PR03MB3074:EE_

    x-ld-processed: 9606303e-7a90-4753-aea9-1ec019ee766c,ExtAddr

    x-microsoft-antispam-prvs:

    HK0PR03MB30743[email protected]

    x-ms-oob-tlc-oobclassifiers: OLM:4125;

    x-ms-exchange-senderadcheck: 1

    x-ms-exchange-antispam-relay: 0

    x-microsoft-antispam: BCL:0;

    x-microsoft-antispam-message-info:

    MCcRhZEgzzMfYOPOa+GQFCYuDMSocJm7RbyfPXDELPFJZ12hQHUBl9yJGUP6nXlvqhPAdE7P9+8WSl9KOFAewg29zNFTv49GK3Wr+UUJeOSTyjni9jJkw2Rq0DSnDsur5jBs4Z8kwxIa9rfkch2CWpGixvycpzG6qtWg4oztWxg5dgTlhC2dNJKBMgLvmvP/bSfzGwjatKZbUeQavOctUN2Z/vQ83sXH9+/+jJghof+iqfrQ5fSgrm9dSDwhEkmvIw9xa/w/RyxNJSPRtaCAx6+hBU9gfGoda//BVsgYEtklLN5HWUKIhIV84f9p9SMlw4I6NnKTl9zBHXO9JCrqT90rFl3SJQ6C8ZX8Vgzf/DZZWOhF8+5PHLinzuEpr2LChc/WkZhUpbsNi3XIVkjavbSk++Qit5eOFjKfI92ECAwPQwzPrvuHrK7/zfurLN8jT3ryW9dtcqxQ2gydfXw7V/2/YMpv8IZGDiaMc2Qw7fTtcJi0uHrQfWiw092VD9lOiiiSdnrMYLUNM1RiILtYqEWzC3SXOjvWBqbq+CYChMQGaouYRz3uJvnW2XjgsfmZ9A2r0/6BeuXaidQ1AqXjnJoroAj4x3wTiEkNBDVdZ9BhD/8dshZsRx3tuRMCxCLcdXzGkJfqIj++JKEmf51Jyif4YBzdT6xRtBB5+eojYOuhATNdYNsnxe9GlkSj5MAA5mzQ2YNZZW4cCa2NpRMEu0vobaUvr13FbaoU/uxlE86AhlUDOi3y6LCTp4LCSjCbom7mUWtDUSLLdC8WeZ+rhQ==

    x-forefront-antispam-report:

    CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:KL1PR03MB4935.apcprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(316002)(2906002)(7366002)(7406005)(55016003)(7336002)(5660300002)(33656002)(86362001)(7276002)(7416002)(109986005)(71200400001)(66476007)(166002)(76116006)(122000001)(64756008)(99936003)(38070700005)(52536014)(66556008)(8936002)(66446008)(26005)(38100700002)(6506007)(9686003)(508600001)(7696005)(66946007)(186003)(65686005)(83380400001)(219773003)(20210929001);DIR:OUT;SFP:1102;

    x-ms-exchange-antispam-messagedata-chunkcount: 1

    x-ms-exchange-antispam-messagedata-0:

    =?utf-8?B?dXVPWXlkTlZDS3FQeU04WnUxb1dPSGdxV0g3N1F0ajAzN3FuNWZjaUROcW12?=

    =?utf-8?B?Z1pkaGVDc0xrMUhZSStJcUQ0elQ5eXVuRDRSaWtjdkloTWphT283dFFYejlq?=

    =?utf-8?B?aUl6U0dtaW9xV1l4UG5ZSWM1WWZjaTBOeDE2T085OHB4NFNrQkVrd0ZUR1JV?=

    =?utf-8?B?YlF5MWZsVTJQNUxBSjZWWE51cFRCbmw2TlhITjVmSUJudXRMUzZwdDNtZUNi?=

    =?utf-8?B?TldxeDR0eThKUVR4cUtLQ0h4L2RxRk91Vkc5QmU2T3pOK2NoNnl1UXh1R3hz?=

    =?utf-8?B?SGx0OVowMGRBVDV0ZmFIbWFrUXpYNzcxQU80dEVQWDdzZTBnK0hVWVk5Mjds?=

    =?utf-8?B?WXlDM2wrSUFZdy9GU1I3ZXE1VGFzaU1JVmNMbFBwUkJNemxvaE1GeXJJT1I1?=

    =?utf-8?B?dXlZemhkc0JsVkFwcEtzbUNZZ0JOZmtLQ3QxdnVEMUp6NEhSMDRpQUVkN2t5?=

    =?utf-8?B?YTZYaStYSEdZWVF4SkQ0NTQ4WmM1Z0I5SmpwWHNsallubjdCL2p6d1dSb0ZB?=

    =?utf-8?B?MjB3ZjhjNUl2OXh4b2M1a2c3aHJualplUktoLytQUE14VkRJcC8vY3JJYUow?=

    =?utf-8?B?RzljTkNyMWF6VUxXUlQ5SFV5K1g5WVNZVWtqeUhzTFI3MkgyaWRmdVJjeW9L?=

    =?utf-8?B?cXJSNXloMndDcWdQV0R3UFpXN1FJNWJ3UFgrdzZhK1VlVDJ0aW1iODNDY0J5?=

    =?utf-8?B?ZW0vaVU4YURCTExDMEZIaXFmVWJ0VU05eUdZNk0xaWhLUklDRmw1MFh1NlFt?=

    =?utf-8?B?WUE1NThlYmRXZEVBVDUrNTFJSitMZVVKeTZ0WGxad0IzcTBYY1NTcFRjeUJ2?=

    =?utf-8?B?N0haYWpwelhkL0RBaUVkSytkay9hKzlFUm9qNzN5ekxnbnVNNm1JdUNseGJi?=

    =?utf-8?B?MWZQQjhuQWdIYm4zTW90R1lwYStJUSttZVVpYzdGSGlmZ1FscVdIZ0NWaVg3?=

    =?utf-8?B?VExHbFNPakQzVjlHMVJ0Yi85NFQwRWVzVnZ4UXlNZHlZZUlqQ2kyOVVVSWpx?=

    =?utf-8?B?WDdVMFI1M0l6WkZYN3B5eHFFTTBOMnJsaFpWZ1NDTDZVTzdLRzdEZXRpV0Vo?=

    =?utf-8?B?L3VMYXNRdXVSbjZORXRFeXhsV2J5ekZTcW5pKzZhbFUrRkFzTk9oTXVLZEx6?=

    =?utf-8?B?ZmJtY0RaN0hCa2ExLzZWQjhsUm42RnpVYXh5RlZuVUo5d211SmxhVU4xeFdX?=

    =?utf-8?B?d0hoSGQrdHA1SWpPNC91MkVQYzVDaGFOaVV5K3BlN093UUJtOVNIVTRBSjR2?=

    =?utf-8?B?QzEvaE1wbmkrQXQ5NHdrZ2pHMUtvbmRZQkRzWjUvbkQwNlBKeDZuaXVhYUdB?=

    =?utf-8?B?dU41anBuUTl5ZVpyWEYzZjYyeTVrTTNUVGhQNjVnZ2gzSjRPUjdtTlowbCtN?=

    =?utf-8?B?Zm1IWGVJMGtkdUt1S0l4U1pjTWcwL2hnYW11Y00zYWp4RzhBRHljVExtNDd2?=

    =?utf-8?B?cUFGQlZOdjlJeHpnVldONEZ1UmtHL3UyTkNtOXFKSlFma0M3UzJ6M2ZUYzlW?=

    =?utf-8?B?RXA5VjV3Q3A5V1Y0dDlaUG9uMmdpZHpzV0N6Y2Q5Zk1GRCtjNGJ0RmRja1RD?=

    =?utf-8?B?b2UzYTUyNDQ3UVBKL1R6VFVFeEJYN3VnRk1rWHBWajVmTXlmUGVWYjFKaG0w?=

    =?utf-8?B?cGhyQVBxZDRYeDNYQ1ZuNzJWWVgzZ0FsK0xrNFlwTmRlLysrNUF0Z2R3eWEz?=

    =?utf-8?B?TUNLY3dUakNxRUdCUnNDNDNmaFo0L0EyQUFwSjY2djV1TnFGd3d6NDNKLzdM?=

    =?utf-8?B?NnVqZFJnQWNtVXBNaWYvU2R4ZU5QYmwyWjEySHFvSERkeGNZWGtGU0FNcUdG?=

    =?utf-8?B?SGYvWlNHdzVRbVZ6VzJYVnFlSW1lbTE3RUdpYkVNWmlhT0V3TW9PTFpicUFt?=

    =?utf-8?B?WUh4cHFBSGFoeEdVM3BFRDEvQm9FV3YrbVJxQ1hTNVNiZW1qd1hvK3plWEN6?=

    =?utf-8?B?Rit5R0dibnlNRHRBcmcrNUtEc1Zkd2wvWmFyWVdwdW9uaTd0VGx6aDFSdU0w?=

    =?utf-8?B?Y0dORTBwS0Ezb1hyZVVTcG53L3BMMDdPRXhmQlUzOHU3aVlBY1V4OUhYRnd2?=

    =?utf-8?B?TXdoV0VmanJJMUlqNUdudGZQRlJBOU5rbS9oWGRvejhlMFlmTWVrUUUxNmpO?=

    =?utf-8?B?d0F5bG55MVI5TDJUc3BDbjYveFMxT0hhdHRHWnNQdS9DTlJRRGVlV1RNeXp5?=

    =?utf-8?B?MkE9PQ==?=

    Content-Type: multipart/related;

    boundary="_005_KL1PR03MB493530C5120256BA382CE231AD5E9KL1PR03MB4935apcp_";
    
    type="multipart/alternative"
    

    MIME-Version: 1.0

    X-OriginatorOrg: travel.com

    X-MS-Exchange-CrossTenant-AuthAs: Internal

    X-MS-Exchange-CrossTenant-AuthSource: KL1PR03MB4935.apcprd03.prod.outlook.com

    X-MS-Exchange-CrossTenant-Network-Message-Id: 88c0e8cb-2116-4689-0ebc-08d9df0e7966

    X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2022 07:52:29.7342

    (UTC)

    X-MS-Exchange-CrossTenant-fromentityheader: Hosted

    X-MS-Exchange-CrossTenant-id: 9606303e-7a90-4753-aea9-1ec019ee766c

    X-MS-Exchange-CrossTenant-mailboxtype: HOSTED

    X-MS-Exchange-CrossTenant-userprincipalname: Gtxw+KrQp4ZodPO2RABFEqEFP9eSXrcSA6XwCwk53AzJbgcl7izD8NWh6fH1MbZHM5ZlPzpfvnWbJ87ZSgzgxg==

    X-MS-Exchange-Transport-CrossTenantHeadersStamped: HK0PR03MB3074

    X-Spam-Status: No, score=1.2

    X-Spam-Score: 12

    X-Spam-Bar: +

    X-Ham-Report: Spam detection software, running on the system "herod.dnsvine.com",

    has NOT identified this incoming email as spam. The original

    message has been attached to this so you can view it or label

    similar future email. If you have any questions, see

    [email protected] for details.

    Content preview: [cid:[email protected]]https://travel.deskera.com/wb

    Thanks and warmest regards, James Fernand | 陈少秦| Partner [cid:[email protected]]
    
    Telephone No. : +500 - 8711 84444 Fascimile No. : +500 - 8711 84443 Address
    
    : KO2-55-03, M Office 5, Sunleeds, Hoolows S [...] 
    

    Content analysis details: (1.2 points, 5.0 required)

    pts rule name description


    0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was

                             blocked.  See
    
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
    
                              for more information.
    
                             [URIs: deskera.com]
    

    -0.0 SPF_HELO_PASS SPF: HELO matches SPF record

    -0.0 SPF_PASS SPF: sender matches SPF record

    1.2 MISSING_HEADERS Missing To: header

    0.0 HTML_MESSAGE BODY: HTML included in message

    -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

    0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily

                             valid
    

    X-Spam-Flag: NO

    opened by jepunband 0
  • Differences w/ Antispam software

    Differences w/ Antispam software

    Hello,

    Just heard about this project from a tweet by Nicolas Crassas. As I understand it, it does more or less part of an antispam software job, like looking at spf record and dkim signature. Are there any differences with antispam software like SpamAssassin for eg. ?

    opened by ychaouche 2
Releases(1.0.0)
Owner
Syed Modassir Ali
Computer Science and Engineering Student at Jalpaiguri Government Engineering College.
Syed Modassir Ali
A Python r2pipe script to automatically create a Frida hook to intercept TLS traffic for Flutter based apps

boring-flutter A Python r2pipe script to automatically create a Frida hook to intercept TLS traffic for Flutter based apps. Currently only supporting

Hamza 64 Oct 18, 2022
Tools Crack Fb Terbaru

Tools Crack Fb Terbaru

Jeeck 12 Jan 06, 2022
CVE-2022-22965 - CVE-2010-1622 redux

CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la

Duarte Duarte 20 Aug 25, 2022
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
Script for automatic dump and brute-force passwords using Volatility Framework

Volatility-auto-hashdump Script for automatic dump and brute-force passwords using Volatility Framework

whoamins 11 Apr 11, 2022
Visibility and Mitigation for Log4J vulnerabilities

Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux

SentinelLabs 15 May 21, 2022
Flutter Reverse Engineering Framework

This framework helps reverse engineer Flutter apps using patched version of Flutter library which is already compiled and ready for app repacking. There are changes made to snapshot deserialization p

PT SWARM 910 Jan 01, 2023
POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL Pre-Auth RCE Injection Vulneralibity.

CVE-2021-26084 Description POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection V

antx 9 Aug 31, 2022
Metal Gear Online 2 (MGO2) stage files decryption

Metal Gear Online 2 decryption tool Metal Gear Online 2 (MGO2) has an additional layer of encryption for stage files. I was not able to find info abou

4 Sep 02, 2022
A decompilation of the Nintendo Switch version of Captain Toad: Treasure Tracker

cttt-decomp A decompilation of the Nintendo Switch version of Captain Toad: Trea

shibbs 14 Aug 17, 2022
Show apps recorded storage files by jailbreak

0x101 Show registered storage files of apps by jailbreak Legal disclaimer: Usage of insTof for attacking targets without prior mutual consent is illeg

0x 4 Oct 24, 2022
Writing and posting code throughout my new journey into python!

bootleg-productions consider this account to be a journal for me to record my progress throughout my python journey feel free to copy codes from this

1 Dec 30, 2021
Übersicht remote command execution 0day exploit

Übersicht RCE 0day Unauthenticated remote command execution 0day exploit for Übersicht. Description Übersicht is a desktop widget application for m

BoofGang 10 Dec 21, 2021
Compilation of resources and insights that helped me on my journey to data scientist

Compilation of resources and insights that helped me on my journey to data scientist

Conor Dewey 1.5k Jan 02, 2023
The next level Python obfuscator, nearly impossible to deobfuscate.

🐸 Kramer 🐸 Kramer is a next level obfuscation tool written in Python3 allowing you to obfuscate your Python3 code easily and securely. It uses Berse

Billy 114 Dec 26, 2022
This repo created for bypassing Widevine L3 DRM and obtaining keys.

First run: Copy headers (with cookies) of POST license request from browser to headers.py like dictionary. pip install -r requirements.txt # if doesn'

Mikhail 263 Jan 07, 2023
Code to do NF in HDR,HEVC,HPL,MPL

Netflix-DL 6.0 |HDR-HEVC-MPL-HPL NOT Working| ! Buy working netflix cdm from [em

4 Dec 28, 2021
vulnerable APIs

vulnerable-apis vulnerable APIs inspired by https://github.com/mattvaldes/vulnerable-api Setup Docker If, Out of the box docker pull kmmanoj/vulnerabl

9 Jun 01, 2022
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol

Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol

zeze 1 Jan 13, 2022
Enhancing Twin Delayed Deep Deterministic Policy Gradient with Cross-Entropy Method

Enhancing Twin Delayed Deep Deterministic Policy Gradient with Cross-Entropy Method Hieu Trung Nguyen, Khang Tran and Ngoc Hoang Luong Setup Clone thi

Evolutionary Learning & Optimization (ELO) Lab 6 Jun 29, 2022