maildb's Introduction

Maildb

Welcome to the Mail DataBase although it has expanded slightly now. Here is a list of all the things it does at the moment

Submit email from PCAP, Text stream, IMAP or POP servers

The email parser will read the headers extracting the main fields
Links, Img tags and Iframes sources extracted and listed
Any attatchments are extracted, Hashed stored and scanned with Yara, optionally you can include options to scan with Clam AV and submit to Virus Total
All the information extracted above is stored in to a SQLite Database as a Task.
All files are stored for further analysis
Options to submit file attatchments to Sandboxs, Cuckoo or FireEyes, MAS

###Http PCAP files

Extract all the streams
Parse the HTTP Headers
Extract all the HTTP Objects and files
Replicate the Server Path structure
Write the Header data to the SQLite Database as a Task

Management System

Micro management system allows you to track Tasks in the Database
Add Comments to Tasks
Set tasks as Reviewed, Events or Unchecked
Generate, Weekly, Montly, Yearly reports on all Submitted tasks
Trend analysis on all artefacts in the database

Requires:

Python 2.7
Mako
Bottle
Yara
BeautifulSoup (Included)

INSTALL:

See the INSTALL file for installation details

Tested On

Ubuntu 12.04
Windows 7 x64

To Do

Implement Cuckoo API
Finish the VT Function
Timer for the IMAP / POP Feeds
More reports / trends.

maildb's People

Contributors

Stargazers

Watchers

maildb's Issues

Help with Windows 7 install

Getting this error;

C:\Maildb-master>python Maildb.py
Traceback (most recent call last):
File "Maildb.py", line 36, in
auth = Cork('users', email_sender=None)
File "C:\Python27\lib\site-packages\bottle_cork-0.10-py2.7.egg\cork\cork.py",
line 79, in init
initialize=initialize)
File "C:\Python27\lib\site-packages\bottle_cork-0.10-py2.7.egg\cork\json_backe
nd.py", line 48, in init
self._refresh() # load users and roles
File "C:\Python27\lib\site-packages\bottle_cork-0.10-py2.7.egg\cork\json_backe
nd.py", line 58, in _refresh
self._loadjson(self._users_fname, self.users)
File "C:\Python27\lib\site-packages\bottle_cork-0.10-py2.7.egg\cork\json_backe
nd.py", line 90, in _loadjson
% (fname, e))
cork.base_backend.BackendIOException: Unable to parse JSON data from users/users
.json: No JSON object could be decoded

Additional dependencies

I had to install additional dependencies on top of the ones listed:
beaker
bottle-cork
cherrypy
pycrypto

users/users.json

Good afternoon,

Maildb.py requires users/users.json but that file is not present and I cannot find any documentation of that file. What should that file contain? Are there any other files that need to be customized?

Thank you.

-David

Recommend Projects

kevthehermit / maildb Goto Github PK