This extension is designed to help security professionals verify email domain spoofing vulnerabilities and validate DNS-based email security configurations like DMARC, SPF, and DKIM. With SpoofProof, users can efficiently assess if a domain is secure against email spoofing attacks, providing a streamlined and reliable approach to domain spoofing validation.

Features

• Domain Spoofability Check: Evaluate if a domain can be spoofed and take necessary precautions.
• DMARC Validation: Ensure the domain's DMARC records are configured correctly to minimize email spoofing risks.
• SPF Verification: Check SPF records for proper configuration, enhancing email sender verification.
• DKIM Validation: Confirm that DKIM records are correctly set up to authenticate email messages.
• Easy Integration with Burp Suite: Seamlessly integrates within Burp Suite to complement your existing security testing toolkit.

Usage

1. Go to the SpoofProof tab in Burp Suite.
2. Enter the target domain to begin testing.
3. Use the check buttons for DMARC, SPF, and DKIM to validate respective configurations.
4. View the detailed results in the output panel, where recommendations will be provided for mitigating identified vulnerabilities.