{"id":28360820,"url":"https://github.com/tomsec8/mxspoof","last_synced_at":"2026-02-28T17:04:13.761Z","repository":{"id":292849377,"uuid":"982138076","full_name":"tomsec8/MXSpoof","owner":"tomsec8","description":"MXSpoof is a Bash tool that checks if a domain is vulnerable to email spoofing by analyzing its SPF, DKIM, and DMARC records.","archived":false,"fork":false,"pushed_at":"2025-05-12T12:48:43.000Z","size":6,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-20T23:35:09.504Z","etag":null,"topics":["bash-script","dns","domain","domains","kali","kali-linux","kali-scripts","mail","pentesting","phishing","scanner","spoofing","url","vulnerability","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tomsec8.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-12T12:35:10.000Z","updated_at":"2025-05-25T23:06:32.000Z","dependencies_parsed_at":"2025-05-13T06:31:32.334Z","dependency_job_id":null,"html_url":"https://github.com/tomsec8/MXSpoof","commit_stats":null,"previous_names":["tomsec8/mxspoof"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/tomsec8/MXSpoof","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomsec8%2FMXSpoof","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomsec8%2FMXSpoof/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomsec8%2FMXSpoof/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomsec8%2FMXSpoof/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tomsec8","download_url":"https://codeload.github.com/tomsec8/MXSpoof/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomsec8%2FMXSpoof/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266086076,"owners_count":23874485,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash-script","dns","domain","domains","kali","kali-linux","kali-scripts","mail","pentesting","phishing","scanner","spoofing","url","vulnerability","vulnerability-scanners"],"created_at":"2025-05-28T12:07:10.603Z","updated_at":"2026-02-28T17:04:12.930Z","avatar_url":"https://github.com/tomsec8.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🛡️ MXSpoof\n\nA modular and interactive toolkit to detect email spoofing vulnerabilities using SPF, DKIM, and DMARC analysis.\n\n---\n\n## 📋 Project Overview\n\nThis project provides a centralized Bash script that helps you check one or multiple domains for email spoofing misconfigurations. Whether you're testing your own domain or auditing others, this script gives you actionable insights into their spoofability.\n\n---\n\n## ✅ System Requirements\n\nBefore using this toolkit, make sure your system meets the following:\n\n- 💻 **OS:** Linux (Kali, Ubuntu, Termux, WSL)\n- 🌐 **Internet Connection:** Required for DNS lookups\n- 🧰 **Tools:** dig, grep, sed, awk, tee (usually pre-installed)\n\n---\n\n## 📦 Pre-Installation (One-Time Setup)\n\nMake sure `git` and required tools are installed:\n\n```bash\nsudo apt update \u0026\u0026 sudo apt install git dnsutils coreutils -y\n```\n\n---\n\n## 🚀 Installation\n\nAfter installing prerequisites, follow these steps:\n\n```bash\n# 1. Clone the repository\ngit clone https://github.com/tomsec8/MXSpoof.git\n\n# 2. Enter the project directory\ncd MXSpoof\n\n# 3. Give execute permission to the script\nchmod +x mxspoof.sh\n\n# 4. Run the script\n./mxspoof.sh\n```\n\n---\n\n## 🧠 Available Modes\n\nDuring execution, you can choose one or more of the following:\n\n| Mode              | Description                                                      |\n|-------------------|------------------------------------------------------------------|\n| 🌐 Single Domain   | Analyze spoofability of a single domain                         |\n| 📂 Domain List     | Input a file with multiple domains for batch testing            |\n| 💾 Save Results    | Optionally save the results to a TXT file after each session     |\n\n---\n\n## 👨‍💻 Maintainer\n\nProject by [TomSec8](https://github.com/TomSec8)  \nFeel free to open issues or pull requests with suggestions or fixes.\n\n---\n\n## 🙏 Credits\n\nThis project includes or is inspired by public DNS lookup tools, security standards, and community best practices.\n\n---\n\n## 📜 License\n\nThis project is licensed under the MIT License – see the [LICENSE](LICENSE) file for details.\n\n---\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftomsec8%2Fmxspoof","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftomsec8%2Fmxspoof","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftomsec8%2Fmxspoof/lists"}