This Flask application allows users to upload email files or paste raw email headers for analysis. It provides a detailed report on email headers, attachments, IP addresses involved in the email path, and checks for possible email spoofing.
- Parse email headers and extract important information.
- Scan email attachments using VirusTotal API.
- Visualize the path of the email based on IP addresses.
- Check for potential email spoofing by analyzing SPF, DKIM, and DMARC results.
- Generate a visual report of the email's journey through different IPs.
Ensure you have the following installed:
- Python 3.7 or higher
- pip (Python package installer)
-
Clone the repository:
git clone https://github.com/yourusername/email-header-analyzer.git cd email-header-analyzer
-
Install dependencies:
pip install -r requirements.txt
-
Set up VirusTotal API key:
- Obtain an API key from VirusTotal.
- Replace the placeholder
VT_API_KEY
in theapp.py
file with your actual VirusTotal API key.
-
Run the application:
python app.py
-
Access the application:
Open a web browser and navigate to
http://127.0.0.1:5000/
. -
Analyze an email:
- Upload an email file or paste raw email headers.
- Click "Analyze" to view the detailed report.
app.py
: The main Flask application file.templates/
: Folder containing HTML templates.index.html
: The homepage template for uploading files or pasting email headers.result.html
: The template for displaying analysis results.
requirements.txt
: List of dependencies required to run the application.README.md
: This file, providing an overview and setup instructions.
Contributions are welcome! Please feel free to submit a Pull Request or report any issues.
- VirusTotal for providing the API for scanning email attachments.
- IPWhois for the IP geolocation functionality.
- Flask for the web framework.
- Matplotlib for data visualization.