Spaces:
Sleeping
Sleeping
Update analyze_email_main.py
Browse files- analyze_email_main.py +32 -24
analyze_email_main.py
CHANGED
|
@@ -4,19 +4,14 @@ from body_analyzer import analyze_body
|
|
| 4 |
from url_analyzer import analyze_urls
|
| 5 |
|
| 6 |
def analyze(file_path):
|
| 7 |
-
# --- Parse email ---
|
| 8 |
headers, body, urls = parse_email(file_path)
|
| 9 |
|
| 10 |
-
# --- Analyze different components ---
|
| 11 |
header_findings, header_score = analyze_headers(headers)
|
| 12 |
body_findings, body_score, highlighted_body = analyze_body(body)
|
| 13 |
url_findings, url_score = analyze_urls(urls)
|
| 14 |
|
| 15 |
-
# --- Weighted total score ---
|
| 16 |
-
# Give extra weight to URLs and phishing indicators
|
| 17 |
total_score = header_score + body_score + (url_score * 1.5)
|
| 18 |
-
|
| 19 |
-
total_score = 100
|
| 20 |
|
| 21 |
# --- Final verdict ---
|
| 22 |
if total_score >= 70:
|
|
@@ -43,7 +38,7 @@ def analyze(file_path):
|
|
| 43 |
else:
|
| 44 |
attack_type = "General Phishing"
|
| 45 |
|
| 46 |
-
# --- Collect tags
|
| 47 |
tags = []
|
| 48 |
for finding in header_findings + body_findings + url_findings:
|
| 49 |
f_lower = finding.lower()
|
|
@@ -56,24 +51,37 @@ def analyze(file_path):
|
|
| 56 |
if "spam" in f_lower or "marketing" in f_lower:
|
| 57 |
tags.append("Spam Tone")
|
| 58 |
|
| 59 |
-
# ---
|
| 60 |
-
|
| 61 |
-
|
| 62 |
-
|
| 63 |
-
|
| 64 |
-
"
|
| 65 |
-
|
| 66 |
-
"---- Detailed Findings ----",
|
| 67 |
-
]
|
| 68 |
-
report.extend(header_findings + body_findings + url_findings)
|
| 69 |
-
report.append("---- Highlighted Body ----")
|
| 70 |
-
report.append(highlighted_body)
|
| 71 |
|
| 72 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 73 |
|
| 74 |
-
|
|
|
|
|
|
|
| 75 |
if __name__ == "__main__":
|
| 76 |
file_path = "sample.eml"
|
| 77 |
-
|
| 78 |
-
|
| 79 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4 |
from url_analyzer import analyze_urls
|
| 5 |
|
| 6 |
def analyze(file_path):
|
|
|
|
| 7 |
headers, body, urls = parse_email(file_path)
|
| 8 |
|
|
|
|
| 9 |
header_findings, header_score = analyze_headers(headers)
|
| 10 |
body_findings, body_score, highlighted_body = analyze_body(body)
|
| 11 |
url_findings, url_score = analyze_urls(urls)
|
| 12 |
|
|
|
|
|
|
|
| 13 |
total_score = header_score + body_score + (url_score * 1.5)
|
| 14 |
+
total_score = min(total_score, 100)
|
|
|
|
| 15 |
|
| 16 |
# --- Final verdict ---
|
| 17 |
if total_score >= 70:
|
|
|
|
| 38 |
else:
|
| 39 |
attack_type = "General Phishing"
|
| 40 |
|
| 41 |
+
# --- Collect tags ---
|
| 42 |
tags = []
|
| 43 |
for finding in header_findings + body_findings + url_findings:
|
| 44 |
f_lower = finding.lower()
|
|
|
|
| 51 |
if "spam" in f_lower or "marketing" in f_lower:
|
| 52 |
tags.append("Spam Tone")
|
| 53 |
|
| 54 |
+
# --- Compact report ---
|
| 55 |
+
summary = {
|
| 56 |
+
"Final Verdict": verdict,
|
| 57 |
+
"Attack Type": attack_type,
|
| 58 |
+
"Attack Score": total_score,
|
| 59 |
+
"Main Tags": ", ".join(sorted(set(tags))) if tags else "No special tags"
|
| 60 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 61 |
|
| 62 |
+
details = {
|
| 63 |
+
"Header Findings": header_findings,
|
| 64 |
+
"Body Findings": body_findings,
|
| 65 |
+
"URL Findings": url_findings,
|
| 66 |
+
"Highlighted Body": highlighted_body
|
| 67 |
+
}
|
| 68 |
|
| 69 |
+
return summary, details
|
| 70 |
+
|
| 71 |
+
# --- Local testing ---
|
| 72 |
if __name__ == "__main__":
|
| 73 |
file_path = "sample.eml"
|
| 74 |
+
summary, details = analyze(file_path)
|
| 75 |
+
|
| 76 |
+
print("==== SUMMARY ====")
|
| 77 |
+
for k, v in summary.items():
|
| 78 |
+
print(f"{k}: {v}")
|
| 79 |
+
|
| 80 |
+
print("\n==== DETAILS ====")
|
| 81 |
+
for section, findings in details.items():
|
| 82 |
+
print(f"\n-- {section} --")
|
| 83 |
+
if isinstance(findings, list):
|
| 84 |
+
for f in findings:
|
| 85 |
+
print(f)
|
| 86 |
+
else:
|
| 87 |
+
print(findings)
|