Single or bulk scan of domains for SPF, DKIM, or DMARC records
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
cmd/drs
scanner
vendor
.gitignore
Gopkg.lock
Gopkg.toml
LICENSE
Makefile
README.md

README.md

GCA DMARC Risk Scanner

The DMARC Risk Scanner can be used to perform scans against domain(s) for DMARC, SPF and DKIM DNS records. The scan results will provide the raw DNS record for each protocol, if the record exists. A Web API is also available if organizations would like to perform a single domain scan for DKIM, DMARC and/or SPF at https://dmarcguide.globalcyberalliance.org.

Build

To build the application run make in the root directory. Alternatively use

go build -o bin/drs github.com/GlobalCyberAlliance/GCADMARCRiskScanner/cmd/drs

SPF

Scan a domain for an SPF record.

drs spf [domain]

DMARC

Scan a domain for a DMARC record.

drs dmarc [domain]

DKIM

Scan a domain for a DKIM record.

drs dkim [domain] [dkim_selector]

Bulk

Scan any number of domains for SPF and DMARC records. Defaults to STDIN.

Flags

--opendns Use OpenDNS's nameservers

--google Use Google's nameservers

--level3 Use Level3's nameservers

-n --nameservers Use specific nameservers, in host[:port] format; may be specified multiple times

-t --timeout Timeout duration for a DNS query

-c --concurrent The number of domains to scan concurrently

-z --zonefile Input file/pipe contains an RFC 1035 zone file

-p --progress Show a progress bar (disabled when reading from STDIN)

License

This repository is licensed under the Apache License version 2.0.

Some of the project's dependencies may be under different licenses.