Spaces:
Sleeping
Sleeping
Update analyze_email_main.py
Browse files- analyze_email_main.py +12 -5
analyze_email_main.py
CHANGED
|
@@ -4,16 +4,23 @@ from body_analyzer import analyze_body
|
|
| 4 |
from url_analyzer import analyze_urls
|
| 5 |
|
| 6 |
def analyze(file_path):
|
|
|
|
| 7 |
headers, body, urls = parse_email(file_path)
|
| 8 |
|
|
|
|
| 9 |
header_findings, header_score = analyze_headers(headers)
|
| 10 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
url_findings, url_score = analyze_urls(urls)
|
| 12 |
|
|
|
|
| 13 |
total_score = header_score + body_score + (url_score * 1.5)
|
| 14 |
total_score = min(total_score, 100)
|
| 15 |
|
| 16 |
-
# ---
|
| 17 |
if total_score >= 70:
|
| 18 |
verdict = "π¨ Malicious"
|
| 19 |
elif 50 <= total_score < 70:
|
|
@@ -25,6 +32,7 @@ def analyze(file_path):
|
|
| 25 |
|
| 26 |
# --- Determine attack type ---
|
| 27 |
body_lower = body.lower()
|
|
|
|
| 28 |
if any(word in body_lower for word in ["invoice", "payment", "wire transfer", "bank details"]):
|
| 29 |
attack_type = "Invoice/Payment Fraud (BEC)"
|
| 30 |
elif any(word in body_lower for word in ["password", "verify", "account", "login", "credentials"]):
|
|
@@ -35,8 +43,6 @@ def analyze(file_path):
|
|
| 35 |
attack_type = "Spam / Marketing"
|
| 36 |
elif verdict == "β
Safe":
|
| 37 |
attack_type = "Benign / Normal Email"
|
| 38 |
-
else:
|
| 39 |
-
attack_type = "General Phishing"
|
| 40 |
|
| 41 |
# --- Collect tags ---
|
| 42 |
tags = []
|
|
@@ -51,7 +57,7 @@ def analyze(file_path):
|
|
| 51 |
if "spam" in f_lower or "marketing" in f_lower:
|
| 52 |
tags.append("Spam Tone")
|
| 53 |
|
| 54 |
-
# ---
|
| 55 |
summary = {
|
| 56 |
"Final Verdict": verdict,
|
| 57 |
"Attack Type": attack_type,
|
|
@@ -59,6 +65,7 @@ def analyze(file_path):
|
|
| 59 |
"Main Tags": ", ".join(sorted(set(tags))) if tags else "No special tags"
|
| 60 |
}
|
| 61 |
|
|
|
|
| 62 |
details = {
|
| 63 |
"Header Findings": header_findings,
|
| 64 |
"Body Findings": body_findings,
|
|
|
|
| 4 |
from url_analyzer import analyze_urls
|
| 5 |
|
| 6 |
def analyze(file_path):
|
| 7 |
+
# --- Parse the email ---
|
| 8 |
headers, body, urls = parse_email(file_path)
|
| 9 |
|
| 10 |
+
# --- Analyze headers ---
|
| 11 |
header_findings, header_score = analyze_headers(headers)
|
| 12 |
+
|
| 13 |
+
# --- Analyze body (updated analyzer with improvements) ---
|
| 14 |
+
body_findings, body_score, highlighted_body, body_verdict = analyze_body(body)
|
| 15 |
+
|
| 16 |
+
# --- Analyze URLs ---
|
| 17 |
url_findings, url_score = analyze_urls(urls)
|
| 18 |
|
| 19 |
+
# --- Calculate total score ---
|
| 20 |
total_score = header_score + body_score + (url_score * 1.5)
|
| 21 |
total_score = min(total_score, 100)
|
| 22 |
|
| 23 |
+
# --- Determine final verdict ---
|
| 24 |
if total_score >= 70:
|
| 25 |
verdict = "π¨ Malicious"
|
| 26 |
elif 50 <= total_score < 70:
|
|
|
|
| 32 |
|
| 33 |
# --- Determine attack type ---
|
| 34 |
body_lower = body.lower()
|
| 35 |
+
attack_type = "General Phishing" # default
|
| 36 |
if any(word in body_lower for word in ["invoice", "payment", "wire transfer", "bank details"]):
|
| 37 |
attack_type = "Invoice/Payment Fraud (BEC)"
|
| 38 |
elif any(word in body_lower for word in ["password", "verify", "account", "login", "credentials"]):
|
|
|
|
| 43 |
attack_type = "Spam / Marketing"
|
| 44 |
elif verdict == "β
Safe":
|
| 45 |
attack_type = "Benign / Normal Email"
|
|
|
|
|
|
|
| 46 |
|
| 47 |
# --- Collect tags ---
|
| 48 |
tags = []
|
|
|
|
| 57 |
if "spam" in f_lower or "marketing" in f_lower:
|
| 58 |
tags.append("Spam Tone")
|
| 59 |
|
| 60 |
+
# --- Summary report ---
|
| 61 |
summary = {
|
| 62 |
"Final Verdict": verdict,
|
| 63 |
"Attack Type": attack_type,
|
|
|
|
| 65 |
"Main Tags": ", ".join(sorted(set(tags))) if tags else "No special tags"
|
| 66 |
}
|
| 67 |
|
| 68 |
+
# --- Detailed findings ---
|
| 69 |
details = {
|
| 70 |
"Header Findings": header_findings,
|
| 71 |
"Body Findings": body_findings,
|