Email Header Analysis and Digital Forensics

Video Description

Do you know how to properly read and analyze an email message header? In this series we will do a detailed postmortem of an email header. We’ll learn which header fields are most commonly referenced for analysis, how to determine a message’s true origin, how to read SPF and DKIM information, and we’ll even take a quick look at DMARC. We will also learn how can you curve any attachment for further analysis from the header itself in a easy way. Whether you are a completely new to this concept or an old forensics expert, this series has something for you. We don't appreciate any of you to paste your incoming email to a online email header parser and get a quick result. Developing this skill is a must for any security analyst. Please watch this tutorial full to understand each and every information that could be present in the email header and how you can read it though. If you like this video please gives us a thumbs up and support our work by subscribing our channel. If you have any query, please let us know in the comment section below. What is SPF: https://en.wikipedia.org/wiki/Sender_Policy_Framework What is DMARC: https://en.wikipedia.org/wiki/DMARC What is DKIM: https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail Chapters: Intro- 0:00 What why are going to cover- 0:05 Grabbing a header for analysis- 0:50 Requirements- 1:04 Setting the language- 2:57 Start the investigation- 3:23 Check the SPF via dig- 22:45 Start extraction of the attachment- 46:25 -~-~~-~~~-~~-~- Please watch: "The Next Big Event You Need to Prepare For" https://www.youtube.com/watch?v=iP2n0i5vhx4 -~-~~-~~~-~~-~-