Skip to content
/ Embedded-Threat-Alerting-Prototype Public

prototype I made for a hackathon, scans emails for potentially malicious attachments and edits the email to warn the reciever, explain the threat, and generate a 'safe' version of the attachment.

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

LukeRoantree4815162342/Embedded-Threat-Alerting-Prototype

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
__pycache__
__pycache__
 
 
LICENSE
LICENSE
 
 
Outlook_MessageSource_example.eml
Outlook_MessageSource_example.eml
 
 
Outlook_MessageSource_with_csv.eml
Outlook_MessageSource_with_csv.eml
 
 
QuarterlyReportEmail.eml
QuarterlyReportEmail.eml
 
 
QuarterlyReportOriginal.eml
QuarterlyReportOriginal.eml
 
 
README.md
README.md
 
 
badthing.sh
badthing.sh
 
 
code-injection.jpg
code-injection.jpg
 
 
evil_file.csv
evil_file.csv
 
 
exploit.csv
exploit.csv
 
 
message_new.eml
message_new.eml
 
 
scan_csv.py
scan_csv.py
 
 
scan_csv.pyc
scan_csv.pyc
 
 
scan_eml.py
scan_eml.py
 
 

Repository files navigation

Prototype for rendering safe and alerting of Embedded Threats sent over Email

DO NOT OPEN 'exploit.csv' IN EXCEL!

It is an example of the type of exploit this prototype prevents against

I hard-coded it for my computer, but I don't gaurantee it won't post your credentials online if you open it. (Note opening it in Excel on a Windows computer will try to send the recievers SSH keys to a public-facing website. I will not accept any feature/pull requests that involve improving the exploit - I wrote it as an example of what could be sent and should not be used anywhere by anyone.

Usage:

run python scan_eml.py, follow the steps in the GUI. Note you'll need to have your email downloaded locally as a .eml file.

Demo:

view 'QuarterlyReportOriginal.eml' in outlook to see how it looks initially

run python scan_eml.py, select 'QuarterlyReportOriginal.eml' in the GUI

view 'QuarterlyReportEmail.eml' in outlook to see how the program has changed it.

Exploit Details:

This Prototype currently only works for a particular form of embedded exploits, and only in .csv format. It relies on spreadsheet programs such as Excel automatically trying to run 'formulae' in cells.

About

prototype I made for a hackathon, scans emails for potentially malicious attachments and edits the email to warn the reciever, explain the threat, and generate a 'safe' version of the attachment.

Topics

gui prototype email python3 email-parsing

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages