MsgDoxxer is a Python tool designed to extract and display information from .msg and .pdf files. It helps in identifying potentially malicious content by providing detailed metadata, text, and link information.
- Extracts and displays metadata and content from
.msgand.pdffiles. - Decodes and displays URIs in a human-readable format.
- Provides a warning for potentially dangerous links.
- Supports both Windows and Linux platforms.
To install MsgDoxxer, follow these steps:
-
Clone the repository:
git clone https://github.com/RocketGod-git/MsgDoxxer cd msgdoxxer -
Create and activate a virtual environment (optional but recommended):
python -m venv venv source venv/bin/activate # On Windows use `venv\Scripts\activate`
-
Install the required libraries:
pip install extract-msg colorama PyMuPDF
To run MsgDoxxer, execute the following command:
python msg_doxxer.py-
File Selection:
- A file dialog will open, allowing you to select a
.msgor.pdffile.
- A file dialog will open, allowing you to select a
-
Data Extraction:
- For
.msgfiles, the script extracts sender, recipients, subject, date, body, and attachments. - For
.pdffiles, the script extracts metadata, text, and links.
- For
-
Data Display:
- The extracted information is displayed in the terminal with color-coded formatting for better readability.
- URIs are decoded and displayed in a human-readable format.
- Warnings are provided for potentially dangerous links.
Title: Scam
Author: Scammer
Subject: You get the drift...
Keywords:
Producer:
Creation Date:
Modification Date:
Text:
Please review and sign your document
Recipient:
RocketGod (RocketGod@email.com)
View Documents
Alternately, you can access these documents by clicking the "View Document" link above.
DocuSign. The fastest way to get a signature.
This message was sent to you by Andrea ScammerVich who is using the DocuSign Electronic Signature Service.
WARNING: Be cautious of clicking any links unless you are certain of their destination.
Links:
URI: https://f%2eg%2eb%69ng%2ecom
Resolved URI: https://f.g.bing.com
Kind: 2 (URI)
XRef: 15
Coordinates: Rect(192.28799438476562, 281.54901123046875, 288.31201171875, 295.3480224609375)
Contributions are welcome! Please open an issue or submit a pull request for any changes or improvements.
This project is licensed under the GPL-3.0 license. See the LICENSE file for details.
Note: This tool is intended for educational and informational purposes only. Always exercise caution when dealing with potentially malicious files and links.
