Skip to content

securityfrog/spoofcheck

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
libs
libs
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Pipfile
Pipfile
 
 
Pipfile.lock
Pipfile.lock
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
spoofcheck
spoofcheck
 
 
spoofcheck.py
spoofcheck.py
 
 

Repository files navigation

spoofcheck

A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing.

Additionally it will alert if the domain has DMARC configuration that sends mail or HTTP requests on failed SPF/DKIM emails.

Forked from the original BishopFox/spoofcheck

Usage:

./spoofcheck.py [DOMAIN]

Domains are spoofable if any of the following conditions are met:

  • Lack of an SPF or DMARC record
  • SPF record never specifies ~all or -all
  • DMARC policy is set to p=none or is nonexistent

Dependencies

  • dnspython
  • colorama
  • emailprotectionslib
  • tldextract

Setup

  1. Ensure you have pipenv installed: pip install pipenv.
  2. Run pipenv install from the command line to install the required dependencies.
  3. Run the program using pipenv run ./spoofcheck.py

Coming Soon

  • Standalone Windows executable
  • Basic GUI option
  • Tests

About

Simple script that checks a domain for email protections

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 99.4%
  • Shell 0.6%