Phishing Email Analysis project using ANY.RUN sandbox for dynamic malware analysis and threat investigation. This repository contains phishing email samples, IOC analysis, behavioral findings, suspicious URL investigations, email header analysis, and SOC-based incident response observations for cybersecurity learning and threat detection practice.
A phishing email is a fraudulent email sent by attackers pretending to be a trusted person, organization, or service to trick users into revealing sensitive information such as usernames, passwords, banking details, or downloading malicious files.
Phishing emails often contain: • Fake login pages • Malicious attachments • Suspicious links • Urgent or threatening messages • Impersonation of legitimate companies or employees
The main goal of phishing attacks is to steal data, gain unauthorized access, deploy malware, or compromise systems within an organization.
Phishing email analysis helps cybersecurity professionals identify malicious indicators, investigate attacker behavior, and prevent security incidents through threat detection and incident response.
It is an interactive online malware analysis and sandbox platform used by cybersecurity professionals, SOC analysts, and threat researchers for investigating phishing emails, malicious files, suspicious URLs, and malware behavior in real time.
It provides a safe virtual environment to analyze threats dynamically by monitoring processes, network traffic, system activities, dropped files, registry changes, and indicators of compromise (IOCs). The platform is widely used for incident response, threat hunting, malware analysis, and phishing investigations.
Official Website: https://any.run/