espoofer
by chenjj
espoofer is an open-source tool designed to test and bypass SPF, DKIM, and DMARC email authentication protocols, enabling detection of email spoofing vulnerabilities.
An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻
Primary Use Case
This tool is primarily used by mail server administrators and penetration testers to evaluate whether email servers and clients are vulnerable to spoofing attacks or can be exploited to send forged emails. It helps identify weaknesses in SPF, DKIM, and DMARC implementations to improve email security.
- Bypasses SPF, DKIM, and DMARC email authentication protocols
- Forges DKIM signatures to test email spoofing vulnerabilities
- Supports three operational modes: server, client, and manual
- Integrates multiple test cases for comprehensive spoofing assessment
- Provides a mail server mode to test receiving service validations
- Offers a client mode to test sending service validations
- Includes manual mode for debugging purposes
- Backed by research presented at Black Hat USA 2020 and USENIX Security 2020
Installation
- git clone https://github.com/chenjj/espoofer
- sudo pip3 install -r requirements.txt
- Ensure Python 3 version >= 3.7 is installed
Usage
- espoofer -s: Run espoofer in server mode to act as a mail server testing validation in receiving services (default mode).
- espoofer -c: Run espoofer in client mode to act as an email client testing validation in sending services.
- espoofer -m: Run espoofer in manual mode for debugging purposes.
- Integrate espoofer into phishing simulation campaigns to test real-world email authentication bypass scenarios.
- Use the tool to validate and harden SPF/DKIM/DMARC configurations regularly as part of blue team defense.
- Leverage the manual mode for deep-dive debugging and forensic analysis of suspicious email flows.
- Combine with SIEM alerting to detect spoofed emails that bypass authentication in production environments.
- Employ espoofer in purple team exercises to improve collaboration between offensive and defensive teams on email security.
Related Tools

mailcow-dockerized
mailcow/mailcow-dockerized
mailcow: dockerized - 🐮 + 🐋 = 💕
Spoofy
MattKeeley/Spoofy
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

docker-postfix
bokysan/docker-postfix
Multi architecture simple SMTP server (postfix null relay) host for your Docker and Kubernetes containers. Based on Debian/Ubuntu/Alpine.
sublime-rules
sublime-security/sublime-rules
Sublime rules for email attack detection, prevention, and threat hunting.
spamscope
SpamScope/spamscope
Fast Advanced Spam Analysis Tool
EmailAnalyzer
keraattin/EmailAnalyzer
With EmailAnalyzer you can analyze your suspicious emails. You can extract headers, links, and hashes from the .eml file and you can generate reports.
