michael/Spoofy
1
0
Fork 0
mirror of https://github.com/MattKeeley/Spoofy.git synced 2026-02-03 13:33:24 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4 Commits 2 Branches 4 Tags
464e56756e69aff741907ce6e3722638517a95d4
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Matt Keeley 464e56756e docs: Updated readme to add BF original link
2022-09-20 12:22:46 -07:00
libs
init: initial commit
2022-09-20 12:03:01 -07:00
.gitignore
Initial commit
2022-09-20 12:01:35 -07:00
domain_list.txt
init: initial commit
2022-09-20 12:03:01 -07:00
LICENSE
init: initial commit
2022-09-20 12:03:01 -07:00
README.md
docs: Updated readme to add BF original link
2022-09-20 12:22:46 -07:00
requirements.txt
init: initial commit
2022-09-20 12:03:01 -07:00
spoofcheck.py
init: initial commit
2022-09-20 12:03:01 -07:00

README.md

spoofcheck

Original tool made by @BishopFox spoofcheck.

A program that checks if a domain (or list of domains) can be spoofed. The program checks SPF and DMARC records for weak configurations that allow spoofing.

Additionally it will alert if the domain has DMARC configuration that sends mail or HTTP requests on failed SPF/DKIM emails.

Usage:

./spoofcheck.py -d [DOMAIN]
OR
./spoofcheck.py -iL [DOMAIN_LIST]

Domains are spoofable if any of the following conditions are met:

  • Lack of an SPF or DMARC record
  • SPF record never specifies ~all or -all
  • DMARC policy is set to p=none or is nonexistent

Dependencies

  • dnspython
  • colorama
  • py-emailprotections
  • tldextract

Setup

Run pip3 install -r requirements.txt from the command line to install the required dependencies.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 1.1 MiB
Languages
Python 100%