Skip to content

masquerad3r/spoofchecker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
spoofdetect.py
spoofdetect.py
 
 

Repository files navigation

spoofchecker

Overview

The script simply checks whether a given domain can be spoofed or not. The program checks SPF and DMARC records for weak configurations that potentially allow spoofing.

It is an adaptation of the spoofcheck in python3 with complete structural makeover. Thanks for the idea!!!

Usage:

python3 spoofdetect.py [DOMAIN]

Domains are said to be spoofable if the following conditions are met:

  • Lack of an SPF or DMARC record altogether
  • SPF record that never specifies softfail (~all) or hardfail (-all)
  • SPF with softfail, and DMARC with policy as none (p=none) or non-existent.

Only Catch

Made with ❤️ for Linux (Sorry Windows 😈)

Things to add

  • Support for include and redirect SPF record parameters
  • Support for organizational DMARC record checks

References

About

Script to check a domain for appropriate anti-spoofing policies

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages