Do you know how to properly read and analyze an email message header? In this episode, we’ll take a look at two examples – one legitimate, and one not-so-legitimate. We’ll learn which header fields are most commonly referenced for analysis, how to determine a message’s true origin, how to read SPF and DKIM information, and we’ll even take a quick look at DMARC. Whether you’re completely new to this concept or a seasoned veteran, this episode has something for you.
🙏Special thanks to Arman Gungor (@armangungor) for lending his expertise in making this episode.
*** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. ***
Leveraging DKIM in Email Forensics:
[ Ссылка ]
What is DMARC?:
[ Ссылка ]
Email Header Plugin for Sublime Text 3:
[ Ссылка ]
Background Music Courtesy of Anders Enger Jensen:
[ Ссылка ]
#Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics #EmailForensics
Email Header Analysis and Forensic Investigation
Теги
forensicsdigital forensicsDFIRhow to analyze an email headerhow to analyze an e-mail headerhow to read an email headerhow to read an e-mail headerhow to read email headershow to read e-mail headersemail header analysise-mail header analysisemail forensicse-mail forensicsmessage forensicstrace an emailtrace an e-mailMUAMTAMSASPFDKIMDMARCMessage-ID fieldMessage ID fieldMetaspikeHillary Clinton emailHillary Clinton e-mail