There are 4 repositories under email-security topic.
Simple script that checks a domain for email protections
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
Sublime rules for email attack detection, prevention, and threat hunting.
Scan domains and return data based on trustworthy email best practices
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
An forensics tool to help aid in the investigation of spoofed emails based off the email headers.
Another utility to analyze state of deployment of security-related email protocols.
The DNS Hunt will make your life easier, and of course faster.
URL / IP / Email defanging with Javascript. Make IoC harmless.
Phishable is a project that logs misconfigured DNS that can be exploited to conduct phishing attacks & spoof domains. Phishable helps orgs investigate phishing campaigns, gauge third-party risk & mitigate these risks. All orgs on the list are exposed to higher risk of threat actors gaining initial entry to their org, supply chain, and customers.
SPF-finder is designed to check for the validation of a Sender Policy Framework (SPF) record in a domain's DNS settings. It uses the nslookup command to query the DNS server for the SPF record, and then parses the output to determine if the record is present or not. It also have functionality for reading a list of domains.
EmailSecCheck is a lightweight Python utility used to check for common SPF/DMARC misconfigurations that may allow for email spoofing.
URL / IP / Email defanging with Golang. Make IoC harmless.
Plesk Extension for SpamExperts' services integration
Aliyun CTF Teapot mail server POC for DKIM
A terraform module to set up DNS records to harden the parked(unused) domain using GCP Cloud DNS.
Custom Sublime Sec rules for malicious emails I've come across.
OutlookDSD - A simple add-in for Outlook that shows a messages DKIM, SPF and DMARC status.
A terraform module to set up DNS records to harden the parked(unused) domain using AWS Route53.
🧰️✉️🪱️ The DMail tacklebox is a separate email folder that holds phishing attempts (known as lures) it is separate from the spam folder, the inbox, and other folders.
🧰️✉️🪱️ The tacklebox is a separate email folder that holds phishing attempts (known as lures) it is separate from the spam folder, the inbox, and other folders.
mail without fail
This is a template for hosting a mta-sts.txt file using GitHub Pages
A command line tool to check if a single (or multiple) email addresses have been compromised.
A repository to store all my custom Sublime rules
Simple python3 script for checking SPF & DMARC records.
A terraform module to set up DNS records to harden the parked(unused) domain using Cloudflare DNS.
A lightweight script to obscure (or hide) email addresses and telephone numbers from spammers.