{"id":13292295,"url":"https://github.com/mathis2001/Sp00fy","last_synced_at":"2025-03-10T07:32:54.279Z","repository":{"id":110078422,"uuid":"503352102","full_name":"mathis2001/Sp00fy","owner":"mathis2001","description":"Simple python script to check for email spoofing on a given domain.","archived":false,"fork":false,"pushed_at":"2022-11-24T11:11:45.000Z","size":50,"stargazers_count":9,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-02T12:25:56.834Z","etag":null,"topics":["bugbounty","dmarc","email","phishing","spoofing"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mathis2001.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-06-14T12:34:36.000Z","updated_at":"2024-09-01T04:59:15.000Z","dependencies_parsed_at":"2023-03-15T14:00:35.949Z","dependency_job_id":null,"html_url":"https://github.com/mathis2001/Sp00fy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mathis2001%2FSp00fy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mathis2001%2FSp00fy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mathis2001%2FSp00fy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mathis2001%2FSp00fy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mathis2001","download_url":"https://codeload.github.com/mathis2001/Sp00fy/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242811868,"owners_count":20189143,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","dmarc","email","phishing","spoofing"],"created_at":"2024-07-29T17:07:40.699Z","updated_at":"2025-03-10T07:32:54.266Z","avatar_url":"https://github.com/mathis2001.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Sp00fy\nSimple python script to check for email spoofing on a given domain.\n\n## Install:\n```bash\n$ git clone https://github.com/mathis2001/Sp00fy\n\n$ cd Sp00fy\n\n$ python3 sp00fy.py\n```\n## Requirements:\n\n- Python3\n\n- Pip3\n\n- dns.resolver\n\n- requests\n\n- requests_html\n\nif you want to use the email find funtion you will have to copy your [hunter.io](https://hunter.io/api-keys) api key access and paste it in your environment variables as 'HUNTER_KEY'.\n\n![image](https://user-images.githubusercontent.com/40497633/173600536-26996bd7-4a7d-490f-bb16-bbf5a659d962.png)\n\n\n## Usage:\n```bash\nusage: ./sp00fy.py [-h] [-d DOMAIN] [-f] [-l LIMIT] [-s]\n```\n## options:\n```bash\noptional arguments:\n  -h, --help            show this help message and exit\n  -d DOMAIN, --domain DOMAIN   Target domain\n  -f, --find-emails     Find emails for the given domain\n  -s, --send   Send email anonymously\n  -l LIMIT, --limit LIMIT   Number of results wanted\n\n```\n\n## Use case\n\nYou want to verify if your domain is vulnerable to email spoofing ?\n\nYou can use this tool to simply check your DMARC record. If it is potentially vulnerable, you can check for emails by using the '-f' option and use one of them to simulate the spoofing of it (exp: info@target.xyz). The anonymous mailer option is now available, it use https://emkei.cz to send your anonymous spoofed email.\n\nIf you receive the mail in your mailbox or spam, it confirm that your domain is vulnerable.\n\n### Disclaimer: This tool have been designed to help testing email spoofing for your own domain or your company domain with authorizations. Please, do not use it for illegal purposes.\n\n## Screens:\n\n![tempsnip](https://user-images.githubusercontent.com/40497633/173594850-7715522f-4c6c-4cae-a18a-0c8d9ec5feae.png)\n\n![tempsnip](https://user-images.githubusercontent.com/40497633/173595580-9fea5ca5-d811-46ae-ae0f-2053d19a748a.png)\n\n![code](https://user-images.githubusercontent.com/40497633/174271419-496bf363-5fcb-437d-9d20-899d0d89383a.png)\n\n![mail1](https://user-images.githubusercontent.com/40497633/174272921-0321ab52-ed7d-49dd-b124-c06b837ad99b.png)\n\n![mail2](https://user-images.githubusercontent.com/40497633/174272998-4f57a252-571a-46a2-80d5-6a1910f9f04e.png)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmathis2001%2FSp00fy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmathis2001%2FSp00fy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmathis2001%2FSp00fy/lists"}