I built a small tool called Trawler (part of PhishDeck) to remove the most tedious part of handling suspicious emails: extracting IOCs and getting reports ready to send quickly.
What it does: upload a suspicious email (.eml / .msg) or paste the email HTML, it extracts indicators (URLs/domains/etc), summarises what it found, then generates an abuse/report pack and helps you submit reports to relevant parties (hosting providers, domain registrars, and other trackers) in one go.
What it does not do: it does not click or detonate any links from the email, and it does not collect/report/log anything unless you explicitly hit submit.
I’d value blunt feedback from folks who deal with email abuse or IR: what’s missing, what feels clunky, and which reporting destinations you’d want added (or avoided)?
I built a small tool called Trawler (part of PhishDeck) to remove the most tedious part of handling suspicious emails: extracting IOCs and getting reports ready to send quickly.
What it does: upload a suspicious email (.eml / .msg) or paste the email HTML, it extracts indicators (URLs/domains/etc), summarises what it found, then generates an abuse/report pack and helps you submit reports to relevant parties (hosting providers, domain registrars, and other trackers) in one go.
What it does not do: it does not click or detonate any links from the email, and it does not collect/report/log anything unless you explicitly hit submit.
I’d value blunt feedback from folks who deal with email abuse or IR: what’s missing, what feels clunky, and which reporting destinations you’d want added (or avoided)?
Cheers, Charlie