Email Forensics

Comprehensive email forensics skill for analyzing email messages, mailbox archives, and email metadata. Enables investigation of phishing attacks, business email compromise (BEC), email spoofing, and extraction of forensically valuable artifacts from email data.

Capabilities

• Mailbox Parsing: Parse PST, OST, MBOX, EML, and MSG files
• Header Analysis: Deep analysis of email headers and routing
• Attachment Extraction: Extract and analyze email attachments
• Phishing Detection: Identify phishing indicators and techniques
• Spoofing Detection: Detect email spoofing and impersonation
• Link Analysis: Extract and analyze URLs in email content
• Timeline Generation: Create email-based communication timeline
• Thread Reconstruction: Rebuild email conversation threads
• Metadata Extraction: Extract sender, recipient, and routing metadata
• Authentication Analysis: Analyze SPF, DKIM, and DMARC results

Quick Start