https://github.com/vertigo-z/spoofverifier
queries dns for dmarc, spf, and dkim records and reports if the domain is vulnerable to spoofing / lacks proper dns protections.
https://github.com/vertigo-z/spoofverifier
dkim dmarc red-team-tools sender-policy-framework spoofing
Last synced: 5 days ago
JSON representation
queries dns for dmarc, spf, and dkim records and reports if the domain is vulnerable to spoofing / lacks proper dns protections.
- Host: GitHub
- URL: https://github.com/vertigo-z/spoofverifier
- Owner: vertigo-z
- License: mit
- Created: 2026-01-21T02:51:28.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2026-01-21T02:57:15.000Z (6 months ago)
- Last Synced: 2026-06-06T05:26:39.521Z (29 days ago)
- Topics: dkim, dmarc, red-team-tools, sender-policy-framework, spoofing
- Language: Python
- Homepage:
- Size: 5.86 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# spoofverifier
a python tool to check if a domain is vulnerable to email spoofing. it queries dns for dmarc, spf, and dkim records and reports if the domain is vulnerable.
## how it works
the tool checks for email authentication records in order:
- checks for a dmarc policy of `quarantine` or `reject`. if found, the domain is safe.
- if not, checks for an spf record. if found, the domain is safe.
- if not, checks for a dkim record using common selectors. if found, the domain is safe.
- if none are found, the domain is vulnerable.
## usage
```bash
python3 -m spoofverifier domains.csv
```
provide a csv file with a list of domains (one per row, or in the second column).