Skip to content
/ spoofverifier Public

a python tool to check if a domain is vulnerable to email spoofing. it queries dns for dmarc, spf, and dkim records and reports if the domain is vulnerable.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

vertigo-coder/spoofverifier

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
spoofverifier.py
spoofverifier.py
 
 

Repository files navigation

spoofverifier

a python tool to check if a domain is vulnerable to email spoofing. it queries dns for dmarc, spf, and dkim records and reports if the domain is vulnerable.

how it works

the tool checks for email authentication records in order:

  • checks for a dmarc policy of quarantine or reject. if found, the domain is safe.
  • if not, checks for an spf record. if found, the domain is safe.
  • if not, checks for a dkim record using common selectors. if found, the domain is safe.
  • if none are found, the domain is vulnerable.

usage

python3 -m spoofverifier domains.csv

provide a csv file with a list of domains (one per row, or in the second column).

About

a python tool to check if a domain is vulnerable to email spoofing. it queries dns for dmarc, spf, and dkim records and reports if the domain is vulnerable.

Topics

dkim spoofing sender-policy-framework dmarc red-team-tools

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages