SMTP (email) server with a focus on simplicity, security, and ease of operation [mirror]

Simple script that checks a domain for email protections

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

Sublime rules for email attack detection, prevention, and threat hunting.

Scan domains and return data based on trustworthy email best practices

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.

An forensics tool to help aid in the investigation of spoofed emails based off the email headers.

Another utility to analyze state of deployment of security-related email protocols.

The DNS Hunt will make your life easier, and of course faster.

URL / IP / Email defanging with Javascript. Make IoC harmless.

Phishable is a project that logs misconfigured DNS that can be exploited to conduct phishing attacks & spoof domains. Phishable helps orgs investigate phishing campaigns, gauge third-party risk & mitigate these risks. All orgs on the list are exposed to higher risk of threat actors gaining initial entry to their org, supply chain, and customers.

SPF-finder is designed to check for the validation of a Sender Policy Framework (SPF) record in a domain's DNS settings. It uses the nslookup command to query the DNS server for the SPF record, and then parses the output to determine if the record is present or not. It also have functionality for reading a list of domains.

EmailSecCheck is a lightweight Python utility used to check for common SPF/DMARC misconfigurations that may allow for email spoofing.

URL / IP / Email defanging with Golang. Make IoC harmless.

A privacy-first email solution that provides an email alias @maily.org to hide the original email address when using the internet

Plesk Extension for SpamExperts' services integration

Aliyun CTF Teapot mail server POC for DKIM

Cisco Firepower Management Centre (FMC) scripts

A terraform module to set up DNS records to harden the parked(unused) domain using GCP Cloud DNS.

🧰️✉️🪱️ The DMail tacklebox is a separate email folder that holds phishing attempts (known as lures) it is separate from the spam folder, the inbox, and other folders.