Skip to content

Simple script that checks a domain for email protections

License

Notifications You must be signed in to change notification settings

0x90shell/spoofcheck

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

spoofcheck

A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing.

Additionally it will alert if the domain has DMARC configuration that sends mail or HTTP requests on failed SPF/DKIM emails.

Usage:

./spoofcheck.py [DOMAIN]

Domains are spoofable if any of the following conditions are met:

  • Lack of an SPF or DMARC record
  • SPF record never specifies ~all or -all
  • DMARC policy is set to p=none or is nonexistent

Dependencies

  • dnspython
  • colorama
  • emailprotectionslib

Setup

Run pip install -r requirements.txt from the command line to install the required dependencies.

Coming Soon

  • Standalone Windows executable
  • Basic GUI option
  • Tests

About

Simple script that checks a domain for email protections

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages