GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → BishopFox → Spoofcheck

BishopFox / Spoofcheck

Licence: mit
Simple script that checks a domain for email protections

Programming Languages

python
139335 projects - #7 most used programming language

Labels

security-toolsphishing

Projects that are alternatives of or similar to Spoofcheck

Ethereum Lists
A repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.
Stars: ✭ 300 (-31.35%)
Mutual labels:  security-tools, phishing
Isthislegit
Dashboard to collect, analyze, and respond to reported phishing emails.
Stars: ✭ 251 (-42.56%)
Mutual labels:  security-tools, phishing
Opensquat
Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-65.9%)
Mutual labels:  security-tools, phishing
Modlishka
Modlishka. Reverse Proxy.
Stars: ✭ 3,634 (+731.58%)
Mutual labels:  security-tools, phishing
Burpa
Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-2.29%)
Mutual labels:  security-tools
Packetwhisper
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-7.32%)
Mutual labels:  security-tools
Adhrit
Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Stars: ✭ 399 (-8.7%)
Mutual labels:  security-tools
Applicationinspector
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+786.27%)
Mutual labels:  security-tools
Cookie crimes
Read local Chrome cookies without root or decrypting
Stars: ✭ 434 (-0.69%)
Mutual labels:  security-tools
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-2.29%)
Mutual labels:  security-tools
Deimosc2
DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (-3.2%)
Mutual labels:  security-tools
Hellraiser
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-5.49%)
Mutual labels:  security-tools
Chronicle
Public append-only ledger microservice built with Slim Framework
Stars: ✭ 429 (-1.83%)
Mutual labels:  security-tools
Telemetrysourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
Stars: ✭ 400 (-8.47%)
Mutual labels:  security-tools
Gosec
Golang security checker
Stars: ✭ 5,694 (+1202.97%)
Mutual labels:  security-tools
Huskyci
Performing security tests inside your CI
Stars: ✭ 398 (-8.92%)
Mutual labels:  security-tools
0xsp Mongoose
a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-4.12%)
Mutual labels:  security-tools
Appinfoscanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-2.97%)
Mutual labels:  security-tools
Otseca
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (-4.81%)
Mutual labels:  security-tools
Eyeballer
Convolutional neural network for analyzing pentest screenshots
Stars: ✭ 416 (-4.81%)
Mutual labels:  security-tools
View All Similar Projects ➔

spoofcheck

A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing.

Additionally it will alert if the domain has DMARC configuration that sends mail or HTTP requests on failed SPF/DKIM emails.

Usage:

./spoofcheck.py [DOMAIN]

Domains are spoofable if any of the following conditions are met:

  • Lack of an SPF or DMARC record
  • SPF record never specifies ~all or -all
  • DMARC policy is set to p=none or is nonexistent

Dependencies

  • dnspython
  • colorama
  • emailprotectionslib
  • tldextract

Setup

Run pip install -r requirements.txt from the command line to install the required dependencies.

Coming Soon

  • Standalone Windows executable
  • Basic GUI option
  • Tests
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].