Skip to content

a6avind/spoofcheck

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
dns_dump.py
dns_dump.py
 
 
requirements.txt
requirements.txt
 
 
spoofcheck.py
spoofcheck.py
 
 

Repository files navigation

spoofcheck

This Project is a shameless rip off spoofcheck which was written in python2.

This is my effort to make it compatible with python3.

A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing.

Additionally, it will alert if the domain has DMARC configuration that sends mail or HTTP requests on failed SPF/DKIM emails.

Usage

./spoofcheck.py [DOMAIN]

Domains are spoofable if any of the following conditions are met:

  • Lack of an SPF or DMARC record
  • SPF record never specifies ~all or -all
  • DMARC policy is set to p=none or is nonexistent

Dependencies

  • dnspython
  • colorama
  • py-emailprotections
  • tldextract

Setup

Run pip3 install -r requirements.txt from the command line to install the required dependencies.

About

Spoofcheck

Topics

email python3 spf spoofing dmarc

Resources

Readme

License

Apache-2.0 license
Activity

Stars

26 stars

Watchers

1 watching

Forks

4 forks
Report repository

Languages