Add files via upload

bardurc · Aug 13, 2019 · 83d5883 · 83d5883
commit 83d5883
Show file tree

Hide file tree

Showing 4 changed files with 98 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -0,0 +1,20 @@
+# isDomainSpoofable
+Checks the status of SPF and DMARC for a domain
+
+**Python version:**
+- Python3
+
+# Requirements:
+    pip install -r requirements.txt
+
+# Usage:
+    python isDomainSpoofable.py
+
+Script reads domains from domains.yaml and parses spf and dmarc records, if they exist.
+Result is written to "result.csv".
+
+# Example csv output:
+    Entity,Domain,Has SPF,Has DMARC,DMARC p Policy,SPF record,DMARC record
+    Example Entity,example.com,Yes,No,,v=spf1 -all,
+    Microsoft,microsoft.com,Yes,Yes,reject,v=spf1 include:_spf-a.microsoft.com include:_spf-b.microsoft.com include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com include:spf-a.hotmail.com ip4:147.243.128.24 ip4:147.243.128.26 ip4:147.243.1.153 ip4:147.243.1.47 ip4:147.243.1.48 -all,v=DMARC1; p=reject; pct=100; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=1
+    Google,google.com,Yes,Yes,reject,v=spf1 include:_spf.google.com ~all,v=DMARC1; p=reject; rua=mailto:[email protected]
diff --git a/domains.yaml b/domains.yaml
@@ -0,0 +1,4 @@
+---
+Example Entity: example.com
+Microsoft: microsoft.com
+Google: google.com
diff --git a/isDomainSpoofable.py b/isDomainSpoofable.py
@@ -0,0 +1,72 @@
+import yaml
+import dns.resolver
+import csv
+
+
+def check_spf(domain):
+    spf = None
+    try:
+        for r in dns.resolver.query(domain, 'TXT'):
+            # convert object to string and strip '"'
+            rtext = r.to_text().lstrip('"').rstrip('"')
+            # extract only spf records
+            if rtext.startswith('v=spf'):
+                spf = rtext
+    except dns.resolver.NoAnswer as e:
+        spf = None
+    return spf
+
+def check_dmarc(domain):
+    dmarc = None
+    p_policy = None
+    dmarc_domain = '_dmarc.' + domain
+    try:
+        for r in dns.resolver.query(dmarc_domain, 'TXT'):
+            # convert object to string and strip '"'
+            rtext = r.to_text().lstrip('"').rstrip('"')
+            # extract only dmarc records
+            if rtext.startswith('v=DMARC'):
+                dmarc = rtext
+                p_policy = get_dmarc_policy(dmarc)
+    except dns.resolver.NXDOMAIN:
+        dmarc = None
+    except dns.resolver.NoAnswer:
+        dmarc = None
+    return dmarc, p_policy
+
+def get_dmarc_policy(dmarc):
+    try:
+        # split tags into list
+        dmarc = dmarc.split(';')
+        # extract p tag 
+        dmarc_p_policy = dmarc[1].split('=')[1]
+    except:
+        dmarc_p_policy = None
+    return dmarc_p_policy
+
+with open('domains.yaml', encoding='utf-8') as f:
+    result = []
+    data = yaml.load(f, Loader=yaml.FullLoader)
+    for k, v in data.items():
+        print('Analysing %s' % (v))
+        spf = check_spf(v)
+        #has_spf = None
+        if spf:
+            has_spf = 'Yes'
+        else:
+            has_spf = 'No'
+        dmarc = check_dmarc(v)[0]
+        #has_dmarc = None
+        if dmarc:
+            has_dmarc = 'Yes'
+        else:
+            has_dmarc = 'No'
+        dmarc_p_policy = check_dmarc(v)[1]
+        result.append((k,v,has_spf,has_dmarc,dmarc_p_policy,spf,dmarc))
+
+#write result to csv file
+with open('result.csv', 'w', newline = '', encoding = 'utf-8') as f:
+    writer = csv.writer(f, delimiter = ',')
+    writer.writerow(('Entity', 'Domain', 'Has SPF', 'Has DMARC', 'DMARC p Policy', 'SPF record', 'DMARC record'))
+    for d in result:
+        writer.writerow(d)
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1,2 @@
+pyyaml
+dnspython