mxchecksec/mxchecksec.py at main · kulkansecurity/mxchecksec · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/usr/bin/env python3
"""
MX Check Sec CLI
"""
import argparse
import sys
from pathlib import Path
from colorama import init, Fore, Style
from mxchecksec.analyzer import MXAnalyzer
from mxchecksec.reporter import Reporter

init(autoreset=True)

def main():
    """
    MXCheckSec - Email security validation tool

    Validates SPF, DKIM, and DMARC records for given domains based on Security Industry testing standards,
    and provides a report in an easy to read output format.

    Version: 1.0.0 - Developed by Serafin Cepeda @ Kulkan Security [www.kulkan.com] - Penetration testing by creative minds.

    Examples:
        python mxchecksec.py example.com
        python mxchecksec.py example.com google.com microsoft.com
        python mxchecksec.py -f domains.txt
        python mxchecksec.py example.com -s custom
        python mxchecksec.py example.com -s selector1 selector2 mycompany
        python mxchecksec.py example.com -d 8.8.8.8
        python mxchecksec.py example.com --dns-server 1.1.1.1
    """
    parser = argparse.ArgumentParser(
        description="""
MXCheckSec - Email security validation tool

Validates SPF, DKIM, and DMARC records for given domains based on Security Industry testing standards,
and provides a report in an easy to read output format.

Version: 1.0.0 - Developed by Serafin Cepeda @ Kulkan Security [www.kulkan.com] - Penetration testing by creative minds.
        """,
        epilog="""
Examples:
  %(prog)s example.com
  %(prog)s example.com google.com microsoft.com
  %(prog)s -f domains.txt
  %(prog)s example.com -s custom
  %(prog)s example.com -s selector1 selector2 mycompany
  %(prog)s example.com -d 8.8.8.8
  %(prog)s example.com --dns-server 1.1.1.1
        """,
        formatter_class=argparse.RawDescriptionHelpFormatter
    )

    parser.add_argument('domains', nargs='*', help='Domain(s) to analyze')
    parser.add_argument('--file', '-f', type=str, help='File containing list of domains (one per line)')
    parser.add_argument('--dkim-selectors', '-s', nargs='+', help='Custom DKIM selectors to check (in addition to common ones)')
    parser.add_argument('--dns-server', '-d', type=str, help='Custom DNS server to use for queries (e.g., 8.8.8.8, 1.1.1.1)')
    parser.add_argument('--no-color', action='store_true', help='Disable colored output')

    args = parser.parse_args()

    if args.no_color:
        # Disable colorama colors
        Fore.RED = Fore.GREEN = Fore.YELLOW = Fore.BLUE = Fore.MAGENTA = Fore.CYAN = Fore.WHITE = ''
        Style.RESET_ALL = Style.BRIGHT = Style.DIM = ''

    domain_list = []

    if args.domains:
        domain_list = list(args.domains)

    # Read domains from file if provided
    if args.file:
        try:
            file_path = Path(args.file)
            if not file_path.exists():
                print(f"{Fore.RED}Error: File {args.file} does not exist", file=sys.stderr)
                sys.exit(1)

            with open(file_path, 'r') as f:
                file_domains = [line.strip() for line in f if line.strip() and not line.startswith('#')]
                domain_list.extend(file_domains)
        except Exception as e:
            print(f"{Fore.RED}Error reading file {args.file}: {e}", file=sys.stderr)
            sys.exit(1)

    if not domain_list:
        print(f"{Fore.RED}Error: No domains provided. Use --help for usage information.", file=sys.stderr)
        sys.exit(1)

    # Remove duplicates
    domain_list = list(dict.fromkeys(domain_list))

    analyzer = MXAnalyzer(dns_server=args.dns_server)
    reporter = Reporter(no_color=args.no_color)

    print(f"{Fore.CYAN}MXCheckSec - Analyzing {len(domain_list)} domain(s)...\n")

    print("Version: 1.0.0 - Developed by Serafin Cepeda @ Kulkan Security [www.kulkan.com] - Penetration testing by creative minds.\n")

    results = []
    custom_selectors = args.dkim_selectors if args.dkim_selectors else []
    for domain in domain_list:
        try:
            result = analyzer.analyze_domain(domain, custom_dkim_selectors=custom_selectors)
            results.append(result)
        except Exception as e:
            print(f"{Fore.RED}Error analyzing {domain}: {e}", file=sys.stderr)
            results.append({
                'domain': domain,
                'error': str(e),
                'mx_records': [],
                'ns_records': [],
                'spf': None,
                'dkim': None,
                'dmarc': None,
                'provider': 'Unknown'
            })

    # Useful for debug
    # print(results)

    reporter.generate_report(results)

if __name__ == '__main__':
    main()