Cyber security

SpoofCheck – Fortifying Email Defenses By Unmasking Domain Spoofability

A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing.

Additionally it will alert if the domain has DMARC configuration that sends mail or HTTP requests on failed SPF/DKIM emails.

Usage:

./spoofcheck.py [DOMAIN]

Domains are spoofable if any of the following conditions are met:

  • Lack of an SPF or DMARC record
  • SPF record never specifies ~all or -all
  • DMARC policy is set to p=none or is nonexistent

Dependencies

  • dnspython
  • colorama
  • emailprotectionslib
  • tldextract

Setup

Run pip install -r requirements.txt from the command line to install the required dependencies.

Coming Soon

  • Standalone Windows executable
  • Basic GUI option
  • Tests
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtoolsSpoofCheck
2 years ago

Recent Posts

How Web Application Firewalls (WAFs) Work

General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…

1 week ago

How to Send POST Requests Using curl in Linux

How to Send POST Requests Using curl in Linux If you work with APIs, servers,…

1 week ago

What Does chmod 777 Mean in Linux

If you are a Linux user, you have probably seen commands like chmod 777 while…

1 week ago

How to Undo and Redo in Vim or Vi

Vim and Vi are among the most powerful text editors in the Linux world. They…

1 week ago

How to Unzip and Extract Files in Linux

Working with compressed files is a common task for any Linux user. Whether you are…

1 week ago

Free Email Lookup Tools and Reverse Email Search Resources

In the digital era, an email address can reveal much more than just a contact…

1 week ago