├── .github
└── ISSUE_TEMPLATE
│ ├── bug_report.md
│ └── feature_request.md
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── LICENSE
├── README.md
├── SECURITY.md
├── img
├── EVC.png
└── image.png
└── spfvuln.sh
/.github/ISSUE_TEMPLATE/bug_report.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Bug report
3 | about: Create a report to help us improve
4 | title: ''
5 | labels: ''
6 | assignees: ''
7 |
8 | ---
9 |
10 | **Describe the bug**
11 | A clear and concise description of what the bug is.
12 |
13 | **To Reproduce**
14 | Steps to reproduce the behavior:
15 | 1. Go to '...'
16 | 2. Click on '....'
17 | 3. Scroll down to '....'
18 | 4. See error
19 |
20 | **Expected behavior**
21 | A clear and concise description of what you expected to happen.
22 |
23 | **Screenshots**
24 | If applicable, add screenshots to help explain your problem.
25 |
26 | **Desktop (please complete the following information):**
27 | - OS: [e.g. iOS]
28 | - Browser [e.g. chrome, safari]
29 | - Version [e.g. 22]
30 |
31 | **Smartphone (please complete the following information):**
32 | - Device: [e.g. iPhone6]
33 | - OS: [e.g. iOS8.1]
34 | - Browser [e.g. stock browser, safari]
35 | - Version [e.g. 22]
36 |
37 | **Additional context**
38 | Add any other context about the problem here.
39 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/feature_request.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Feature request
3 | about: Suggest an idea for this project
4 | title: ''
5 | labels: ''
6 | assignees: ''
7 |
8 | ---
9 |
10 | **Is your feature request related to a problem? Please describe.**
11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
12 |
13 | **Describe the solution you'd like**
14 | A clear and concise description of what you want to happen.
15 |
16 | **Describe alternatives you've considered**
17 | A clear and concise description of any alternative solutions or features you've considered.
18 |
19 | **Additional context**
20 | Add any other context or screenshots about the feature request here.
21 |
--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
1 | # Contributor Covenant Code of Conduct
2 |
3 | ## Our Pledge
4 |
5 | We as members, contributors, and leaders pledge to make participation in our
6 | community a harassment-free experience for everyone, regardless of age, body
7 | size, visible or invisible disability, ethnicity, sex characteristics, gender
8 | identity and expression, level of experience, education, socio-economic status,
9 | nationality, personal appearance, race, religion, or sexual identity
10 | and orientation.
11 |
12 | We pledge to act and interact in ways that contribute to an open, welcoming,
13 | diverse, inclusive, and healthy community.
14 |
15 | ## Our Standards
16 |
17 | Examples of behavior that contributes to a positive environment for our
18 | community include:
19 |
20 | * Demonstrating empathy and kindness toward other people
21 | * Being respectful of differing opinions, viewpoints, and experiences
22 | * Giving and gracefully accepting constructive feedback
23 | * Accepting responsibility and apologizing to those affected by our mistakes,
24 | and learning from the experience
25 | * Focusing on what is best not just for us as individuals, but for the
26 | overall community
27 |
28 | Examples of unacceptable behavior include:
29 |
30 | * The use of sexualized language or imagery, and sexual attention or
31 | advances of any kind
32 | * Trolling, insulting or derogatory comments, and personal or political attacks
33 | * Public or private harassment
34 | * Publishing others' private information, such as a physical or email
35 | address, without their explicit permission
36 | * Other conduct which could reasonably be considered inappropriate in a
37 | professional setting
38 |
39 | ## Enforcement Responsibilities
40 |
41 | Community leaders are responsible for clarifying and enforcing our standards of
42 | acceptable behavior and will take appropriate and fair corrective action in
43 | response to any behavior that they deem inappropriate, threatening, offensive,
44 | or harmful.
45 |
46 | Community leaders have the right and responsibility to remove, edit, or reject
47 | comments, commits, code, wiki edits, issues, and other contributions that are
48 | not aligned to this Code of Conduct, and will communicate reasons for moderation
49 | decisions when appropriate.
50 |
51 | ## Scope
52 |
53 | This Code of Conduct applies within all community spaces, and also applies when
54 | an individual is officially representing the community in public spaces.
55 | Examples of representing our community include using an official e-mail address,
56 | posting via an official social media account, or acting as an appointed
57 | representative at an online or offline event.
58 |
59 | ## Enforcement
60 |
61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be
62 | reported to the community leaders responsible for enforcement at
63 | https://t.me/BLACK_SCORP10.
64 | All complaints will be reviewed and investigated promptly and fairly.
65 |
66 | All community leaders are obligated to respect the privacy and security of the
67 | reporter of any incident.
68 |
69 | ## Enforcement Guidelines
70 |
71 | Community leaders will follow these Community Impact Guidelines in determining
72 | the consequences for any action they deem in violation of this Code of Conduct:
73 |
74 | ### 1. Correction
75 |
76 | **Community Impact**: Use of inappropriate language or other behavior deemed
77 | unprofessional or unwelcome in the community.
78 |
79 | **Consequence**: A private, written warning from community leaders, providing
80 | clarity around the nature of the violation and an explanation of why the
81 | behavior was inappropriate. A public apology may be requested.
82 |
83 | ### 2. Warning
84 |
85 | **Community Impact**: A violation through a single incident or series
86 | of actions.
87 |
88 | **Consequence**: A warning with consequences for continued behavior. No
89 | interaction with the people involved, including unsolicited interaction with
90 | those enforcing the Code of Conduct, for a specified period of time. This
91 | includes avoiding interactions in community spaces as well as external channels
92 | like social media. Violating these terms may lead to a temporary or
93 | permanent ban.
94 |
95 | ### 3. Temporary Ban
96 |
97 | **Community Impact**: A serious violation of community standards, including
98 | sustained inappropriate behavior.
99 |
100 | **Consequence**: A temporary ban from any sort of interaction or public
101 | communication with the community for a specified period of time. No public or
102 | private interaction with the people involved, including unsolicited interaction
103 | with those enforcing the Code of Conduct, is allowed during this period.
104 | Violating these terms may lead to a permanent ban.
105 |
106 | ### 4. Permanent Ban
107 |
108 | **Community Impact**: Demonstrating a pattern of violation of community
109 | standards, including sustained inappropriate behavior, harassment of an
110 | individual, or aggression toward or disparagement of classes of individuals.
111 |
112 | **Consequence**: A permanent ban from any sort of public interaction within
113 | the community.
114 |
115 | ## Attribution
116 |
117 | This Code of Conduct is adapted from the [Contributor Covenant][homepage],
118 | version 2.0, available at
119 | https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
120 |
121 | Community Impact Guidelines were inspired by [Mozilla's code of conduct
122 | enforcement ladder](https://github.com/mozilla/diversity).
123 |
124 | [homepage]: https://www.contributor-covenant.org
125 |
126 | For answers to common questions about this code of conduct, see the FAQ at
127 | https://www.contributor-covenant.org/faq. Translations are available at
128 | https://www.contributor-covenant.org/translations.
129 |
--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | # Contributing to Email Vulnerability Checker
2 |
3 | First off, thanks for taking the time to contribute! 🎉 The following is a set of guidelines for contributing to Email Vulnerability Checker, hosted on GitHub.
4 |
5 | ## How Can I Contribute?
6 |
7 | ### Reporting Bugs
8 |
9 | If you find a bug in the project, please report it by following these steps:
10 | 1. Check if the issue has already been reported.
11 | 2. Open a new issue if it hasn't been reported.
12 | 3. Include detailed information about the bug, including steps to reproduce, expected behavior, and any relevant screenshots or logs.
13 |
14 | ### Suggesting Enhancements
15 |
16 | If you have an idea to improve the project, please suggest it by:
17 | 1. Opening a new issue.
18 | 2. Providing a clear and detailed description of the proposed enhancement.
19 | 3. Explaining why the enhancement would be beneficial.
20 |
21 | ### Submitting Pull Requests
22 |
23 | If you want to fix a bug or implement a new feature:
24 | 1. Fork the repository.
25 | 2. Create a new branch (`git checkout -b feature-name`).
26 | 3. Make your changes.
27 | 4. Ensure your code adheres to the project's coding standards.
28 | 5. Write tests for your changes, if applicable.
29 | 6. Commit your changes (`git commit -am 'Add new feature'`).
30 | 7. Push to the branch (`git push origin feature-name`).
31 | 8. Open a Pull Request.
32 |
33 | ### Coding Standards
34 |
35 | To maintain code quality and consistency, please follow these guidelines:
36 | - Use clear and descriptive commit messages.
37 | - Write meaningful comments in your code.
38 | - Follow the project's coding style and conventions.
39 | - Ensure your code passes all tests and linting checks.
40 |
41 | ### Development Environment Setup
42 |
43 | To set up the development environment:
44 | 1. Clone the repository (`git clone https://github.com/your-username/your-repo.git`).
45 | 2. Install dependencies using the package manager specified in the project (e.g., `npm install` for Node.js projects).
46 | 3. Follow any additional setup instructions provided in the `README.md`.
47 |
48 | ### Code of Conduct
49 |
50 | This project adheres to a Code of Conduct. By participating, you are expected to uphold this code. Please report any unacceptable behavior to sayedalirizvi001@gmail.com.
51 |
52 | ---
53 |
54 | Thank you for contributing to Email Vulnerability Checker! Together, we can make this project better for everyone. Happy coding!
55 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2023 Sayed Ali
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 | 
4 |
5 | Email Vulnerability Checker v2.1
6 |
7 |
8 |
9 |
10 | Verify whether the domain is vulnerable to spoofing by Email-vulnerablity-checker
11 |
12 |
13 |
14 | ## Features of Version 2.1
15 |
16 | - Added Support to save output on a file using -o flag
17 | - Added more checks that will accurately tell you the Vulnerability Status.
18 | - Updated the code completely with proper and accurate results.
19 | - Enhanced the tool and decorated some look and feel on the tool.
20 |
21 |
22 | Email Vulnerability Checker
23 |
24 | This script checks the SPF and DMARC configurations of email domains to determine their vulnerability status. It's useful for system administrators or security professionals to assess email infrastructure security.
25 |
26 | ## Usage
27 |
28 | To run the script, execute it with the following command:
29 |
30 | ./spfvuln.sh [options]
31 |
32 | ### Options
33 |
34 | - -h, --help: Display the help message.
35 | - -v: Display the version of the script.
36 | - -t : Specify a file containing a list of domains to check.
37 | - -d : Specify a single domain to check.
38 | - -o : Specify an output file to save the results.
39 |
40 | ## Requirements
41 |
42 | - Bash-compatible shell: Ensure your system supports Bash scripting.
43 | - nslookup command: Make sure the nslookup command is installed and available in your system's PATH.
44 |
45 | ### Installation Steps
46 |
47 | 1. **Clone the Repository:**
48 | ```
49 | git clone https://github.com/BLACK-SCORP10/Email-Vulnerability-Checker.git
50 | ```
51 |
52 | 2. **Navigate to the Directory:**
53 | ```
54 | cd Email-Vulnerability-Checker
55 | ```
56 |
57 | 3. **Make the Script Executable:**
58 | ```
59 | chmod +x spfvuln.sh
60 | ```
61 |
62 | 4. **Install Requirements:**
63 |
64 | **For Ubuntu or Debian:**
65 | ```
66 | sudo apt update
67 | sudo apt install dnsutils
68 | ```
69 |
70 | **For CentOS or RHEL:**
71 | ```
72 | sudo yum install bind-utils # CentOS, RHEL
73 | ```
74 | or
75 | ```
76 | sudo dnf install bind-utils # Fedora
77 | ```
78 |
79 | 5. **Verify Installation:**
80 | ```
81 | nslookup example.com
82 | ```
83 | or
84 | ```
85 | nslookup -version
86 | ```
87 |
88 | ### Usage
89 |
90 | #### Example Usage
91 |
92 | **Checking a single domain:**
93 | ```
94 | ./spfvuln.sh -d example.com
95 | ```
96 |
97 | **Checking multiple domains from a file:**
98 | ```
99 | ./spfvuln.sh -t domains.txt
100 | ```
101 |
102 | **Saving results to an output file:**
103 | ```
104 | ./spfvuln.sh -d example.com -o output.txt
105 | ```
106 | ## Updating the tool
107 | To update your tool after a new version has been released, follow these steps:
108 |
109 | 1. **Navigate to the Tool Directory:**
110 | ```
111 | cd Email-Vulnerability-Checker
112 | ```
113 |
114 | 2. **Pull the Latest Changes from the Remote Repository:**
115 | ```
116 | git pull origin main
117 | ```
118 |
119 |
120 | ### Notes
121 |
122 | - Replace `example.com` with the domain you want to check.
123 | - Ensure `spfvuln.sh` is executable (`chmod +x spfvuln.sh`) before use.
124 | - Detailed information about the tool's options and functionality can be found by running `./spfvuln.sh -h` or `./spfvuln.sh --help`.
125 | ## Preview
126 |
127 | 
128 |
129 | ## Detail Description On Configurations Flag
130 |
131 | SPF Configuration | DMARC Configuration | Vulnerability Status | Explanation
132 | -------------------|----------------------|----------------------|---------------------------------------------------------------------------------------------------------------------------------------
133 | -all | Reject | Not Vulnerable | SPF (-all) with DMARC reject policy ensures that unauthorized emails are rejected outright, minimizing spoofing risks.
134 | -all | Quarantine | Less Vulnerable | SPF (-all) with DMARC quarantine policy sends unauthorized emails to spam or a designated folder, reducing risks.
135 | -all | None | Vulnerable | SPF (-all) without DMARC leaves some vulnerability, as DMARC can enhance email authentication and alignment.
136 | -all | No Answer | Vulnerable | The presence of "redirect" or other mechanisms not explicitly defined can lead to vulnerabilities, depending on the redirected domain's SPF configuration.
137 | ~all | Reject | Less Vulnerable | SPF soft fail (~all) with DMARC reject policy may allow unauthorized emails but rejects those failing DMARC alignment.
138 | ~all | Quarantine | More Vulnerable | SPF soft fail (~all) with DMARC quarantine policy may allow unauthorized emails but sends them to spam or a designated folder.
139 | ~all | None | Vulnerable | SPF soft fail (~all) without DMARC leaves more vulnerability, as DMARC can enhance email authentication and alignment.
140 | ~all | No Answer | Vulnerable | The presence of "redirect" or other mechanisms not explicitly defined can lead to vulnerabilities, depending on the redirected domain's SPF configuration.
141 | +all | Reject | Vulnerable | SPF pass (+all) with DMARC reject policy is vulnerable as it accepts all emails without proper authentication or alignment.
142 | +all | Quarantine | More Vulnerable | SPF pass (+all) with DMARC quarantine policy may allow all emails but sends unauthorized ones to spam or a designated folder.
143 | +all | None | Vulnerable | SPF pass (+all) without DMARC leaves vulnerability, as DMARC can enhance email authentication and alignment.
144 | +all | No Answer | Vulnerable | The presence of "redirect" or other mechanisms not explicitly defined can lead to vulnerabilities, depending on the redirected domain's SPF configuration.
145 | ?all | Reject | Vulnerable | SPF neutral (?all) with DMARC reject policy doesn't provide strong protection, potentially allowing unauthorized emails.
146 | ?all | Quarantine | More Vulnerable | SPF neutral (?all) with DMARC quarantine policy may allow unauthorized emails but sends them to spam or a designated folder.
147 | ?all | None | Vulnerable | SPF neutral (?all) without DMARC leaves vulnerability, as DMARC can enhance email authentication and alignment.
148 | ?all | No Answer | Vulnerable | The presence of "redirect" or other mechanisms not explicitly defined can lead to vulnerabilities, depending on the redirected domain's SPF configuration.
149 | N/A | Reject | Vulnerable | Without SPF, DMARC reject policy doesn't provide strong protection against unauthorized emails, potentially allowing spoofing and phishing.
150 | N/A | Quarantine | More Vulnerable | Without SPF, DMARC quarantine policy may allow unauthorized emails but sends them to spam or a designated folder.
151 | N/A | None | Highly Vulnerable | Without SPF, DMARC none policy leaves the domain highly vulnerable to various email-based threats, including spoofing and phishing attacks.
152 | N/A | No Answer | Highly Vulnerable | The absence of both SPF and DMARC records leaves the domain highly vulnerable to various email-based threats, including spoofing and phishing attacks, especially if "redirect" or other mechanisms not explicitly defined are present.
153 |
154 | Other types are Redirect Mechanism and Multiple SPF Flags.
155 | - On Redirect Mechanism, The DMARC redirects to another domain/subdomain for the policies that is used over the domains. Better to check it manually.
156 | - On Multiple SPF Flags, The SPF has more then one defined flags, "A domain must not have multiple SPF records as both will be declined by the recipient server, making the authentication impossible". You can report this.
157 |
158 | ## Author
159 |
160 | This Email Vulnerability Checker script was created by BLACK-SCORP10. For queries or feedback, contact the author via Telegram: BLACK-SCORP10.
161 |
162 | ## Version
163 |
164 | Current version: 2.1
165 |
166 | ## Disclaimer
167 |
168 | This script is provided as-is, Use it at your own risk.
169 |
170 | ### Support
171 |
172 | For Queries: [Telegram](https://t.me/BLACK_SCORP10)
173 | Contributions, issues, and feature requests are welcome!
174 | Give a ★ if you like this project!
175 |
176 | ### License
177 | This project is licensed under the MIT License - see the LICENSE file for details.
178 |
--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
1 | # Security Policy
2 |
3 | ## Reporting a Vulnerability
4 |
5 | We take security vulnerabilities seriously and appreciate your efforts to responsibly disclose any issues. If you find a vulnerability in our project, please follow the steps below to report it:
6 |
7 | 1. **Do Not Create a Public Issue:**
8 | - Please do not use GitHub issues to report security vulnerabilities. This is to ensure that the vulnerability is not made public before it can be addressed.
9 |
10 | 2. **Contact Us Privately:**
11 | - Send a detailed report of the vulnerability to our security team at [sayedalirizvi001@gmail.com]. Please include:
12 | - A description of the vulnerability.
13 | - Steps to reproduce the issue.
14 | - Any potential impact or exploit scenarios.
15 |
16 | 3. **Response Time:**
17 | - We will acknowledge receipt of your report within 48 hours.
18 | - We will work with you to understand and resolve the issue as quickly as possible.
19 |
20 | 4. **Public Disclosure:**
21 | - We will coordinate with you on a public disclosure timeline once the vulnerability has been addressed. We aim to release a fix and publish details of the vulnerability in a timely manner.
22 |
--------------------------------------------------------------------------------
/img/EVC.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BLACK-SCORP10/Email-Vulnerability-Checker/f2ad7d296cb0645d19885dfa471643f5d3c65c96/img/EVC.png
--------------------------------------------------------------------------------
/img/image.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BLACK-SCORP10/Email-Vulnerability-Checker/f2ad7d296cb0645d19885dfa471643f5d3c65c96/img/image.png
--------------------------------------------------------------------------------
/spfvuln.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Function to display help message
4 | function display_help {
5 | echo -e "\033[1;33mUsage: $0 [-h] [-v] [-t ] [-d ] [-o ]\033[0m"
6 | echo -e "\033[1;34mOptions:\033[0m"
7 | echo -e " \033[1;36m-h, --help Show this help section\033[0m"
8 | echo -e " \033[1;36m-v Show the tool version\033[0m"
9 | echo -e " \033[1;36m-t, --target Use a text file containing a list of domains to check\033[0m"
10 | echo -e " \033[1;36m-d The domain to check (if not using the -t option)\033[0m"
11 | echo -e " \033[1;36m-o Save output to a file\033[0m"
12 | exit 0
13 | }
14 |
15 | # Function to display tool version
16 | function display_version {
17 | echo -e "\033[1;34mEmail Vulnerability Checker Version 2.1\033[0m"
18 | exit 0
19 | }
20 |
21 | # Function to display banner
22 | function banner {
23 | echo ""
24 | echo -e "\033[1;33m============================================================\033[0m"
25 | echo -e "\033[1;36m This Email Vulnerability Checker is created by\033[0m"
26 | echo -e "\033[1;32m BLACK-SCORP10\033[0m"
27 | echo ""
28 | echo -e "\e[1;34m For Any Queries Join Me!!!\e[0m"
29 | echo -e "\e[1;32m Telegram: https://t.me/BLACK-SCORP10 \e[0m"
30 | echo ""
31 | echo -e "\033[1;33m============================================================\033[0m"
32 | echo ""
33 | }
34 |
35 | # Function to check SPF and DMARC configurations and determine vulnerability status
36 | function check_vulnerability {
37 | local domain=$1
38 | local spf_response=$(nslookup -type=TXT "$domain" | grep -Eo '\s*-all|\s*~all|\s*\+all|\s*\?all|\s*redirect' || echo "no spf")
39 |
40 | local dmarc_response=$(nslookup -type=TXT "_dmarc.$domain" | grep -Eo '\s* p=reject|\s* p=quarantine|\s* p=none|\s*no answer' || echo "no answer")
41 |
42 | # Trim leading and trailing spaces from SPF and DMARC responses
43 | spf_response=$(echo "$spf_response" | sed -e 's/^[[:space:]]//' -e 's/[[:space:]]$//')
44 | dmarc_response=$(echo "$dmarc_response" | sed -e 's/^[[:space:]]//' -e 's/[[:space:]]$//')
45 |
46 | # Determine vulnerability status based on trimmed SPF and DMARC responses
47 | case "$spf_response $dmarc_response" in
48 | "-all p=reject") vulnerability_status="Not Vulnerable"; color="\033[0;32m";;
49 | "-all p=quarantine") vulnerability_status="Less Vulnerable"; color="\033[1;33m";;
50 | "-all p=none") vulnerability_status="Vulnerable"; color="\033[0;31m";;
51 | "-all no answer") vulnerability_status="Vulnerable"; color="\033[0;31m";;
52 | "~all p=reject") vulnerability_status="Less Vulnerable"; color="\033[1;33m";;
53 | "~all p=quarantine") vulnerability_status="More Vulnerable"; color="\033[0;31m";;
54 | "~all p=none") vulnerability_status="Vulnerable"; color="\033[0;31m";;
55 | "~all no answer") vulnerability_status="Vulnerable"; color="\033[0;31m";;
56 | "+all p=reject") vulnerability_status="Vulnerable"; color="\033[0;31m";;
57 | "+all p=quarantine") vulnerability_status="More Vulnerable"; color="\033[0;31m";;
58 | "+all p=none") vulnerability_status="Vulnerable"; color="\033[0;31m";;
59 | "+all no answer") vulnerability_status="Vulnerable"; color="\033[0;31m";;
60 | "?all p=reject") vulnerability_status="Vulnerable"; color="\033[0;31m";;
61 | "?all p=quarantine") vulnerability_status="More Vulnerable"; color="\033[0;31m";;
62 | "?all p=none") vulnerability_status="Vulnerable"; color="\033[0;31m";;
63 | "?all no answer") vulnerability_status="Vulnerable"; color="\033[0;31m";;
64 | "no spf p=reject") vulnerability_status="Vulnerable"; color="\033[0;31m";;
65 | "no spf p=quarantine") vulnerability_status="More Vulnerable"; color="\033[0;31m";;
66 | "no spf p=none") vulnerability_status="Highly Vulnerable"; color="\033[0;31m";;
67 | "no spf no answer") vulnerability_status="Highly Vulnerable"; color="\033[0;31m";;
68 | *) vulnerability_status="Consider Redirect Mechanism"; color="\033[1;34m";;
69 | esac
70 |
71 | echo -e "\033[1;36mDomain: $domain - SPF: $spf_response - DMARC: $dmarc_response - Vulnerability Status: $color$vulnerability_status\033[0m"
72 | }
73 |
74 | # Main script
75 | if [[ $# -eq 0 ]]; then
76 | echo -e "\033[0;31mError: No arguments provided.\033[0m"
77 | display_help
78 | fi
79 |
80 | while [[ $# -gt 0 ]]; do
81 | key="$1"
82 |
83 | case $key in
84 | -h|--help)
85 | display_help
86 | ;;
87 | -v)
88 | display_version
89 | ;;
90 | -t|--target)
91 | target_file="$2"
92 | shift
93 | ;;
94 | -d)
95 | domain="$2"
96 | shift
97 | ;;
98 | -o)
99 | output_file="$2"
100 | exec > "$output_file" # Redirect stdout to output file
101 | shift
102 | ;;
103 | *)
104 | echo -e "\033[0;31mError: Invalid argument: $key\033[0m"
105 | display_help
106 | ;;
107 | esac
108 | shift
109 | done
110 |
111 | banner
112 |
113 | if [[ -n $target_file ]]; then
114 | while IFS= read -r line; do
115 | check_vulnerability "$line"
116 | done < "$target_file"
117 | elif [[ -n $domain ]]; then
118 | check_vulnerability "$domain"
119 | else
120 | echo -e "\033[0;31mError: No domain specified.\033[0m"
121 | display_help
122 | fi
123 |
124 | # This code is made and owned by BLACK-SCORP10.
125 | # Feel free to contact me at https://t.me/BLACK_SCORP10
126 |
--------------------------------------------------------------------------------