Easy DFIR Tools and Methods
Phishing Email Analysis ClamAV ClamAV is great to scan for malware but also can scan eml files including email attachments. Use the --debug flag for more info on the scan.
clamscan sample.eml Continued You can also use ClamAV to scan any suspicious file.
clamscan sample.zip Investigating a malicious link To investigate a link I use a REMnux container which offers so many awesome tools. I will cover THUG and Automater.
Read more...