Advanced Email Forensics Platform
EnvelopeX is a comprehensive email forensics platform designed for cybersecurity professionals, SOC analysts, and incident responders. It provides deep forensic analysis of email messages with advanced threat detection and authentication validation.
- Email Forensics: Deep analysis of EML and TXT email files
- Authentication Analysis: SPF, DKIM, and DMARC validation
- Threat Detection: URL extraction, IP analysis, and anomaly detection
- Professional Dashboard: 8-tab analysis interface with dark/light themes
- Analysis History: Local storage of previous analyses
- Python 3.11 or higher
- pip package manager
git clone https://github.com/mandal-suman/EnvelopeX.git
cd EnvelopeX
python3 -m venv venv
source venv/bin/activate # Linux/Mac
pip install -r requirements.txt
python app.pyAccess the platform at http://localhost:5000
- Upload Email: Drag & drop or select EML/TXT file
- Start Analysis: Click "Start Forensic Analysis"
- View Results: Navigate through analysis tabs
- Access History: Review previous analyses
- Details: Email metadata and file information
- Authentication: SPF, DKIM, DMARC validation
- URLs: Extracted URLs and risk assessment
- Attachments: File details with hashes
- Transmission: Email routing visualization
- X-Headers: Extended header information
- MIME Structure: Message structure tree
- Body Contents: Plain text, HTML source, and preview
EnvelopeX/
├── app.py # Flask application
├── requirements.txt # Dependencies
├── core/ # Core modules
│ ├── analyzer.py # Forensics analyzer
│ └── parser.py # Email parser
├── templates/ # HTML templates
│ └── index.html # Main dashboard
└── static/ # CSS and JavaScript
├── css/style.css
├── js/main.js
└── js/results-renderer-new.js
- No data persistence (in-memory only)
- 25MB file size limit
- Strict file validation
- HTML sanitization
- Sandboxed HTML preview
MIT License - see LICENSE file for details.
- GitHub: @mandal-suman
- Issues: Report Bugs
EnvelopeX v1.0.0 - Made with 🔐 by security professionals