CanIPhish are the maintainers of this open source project. We provide a cloud-delivered phishing simulation platform. To check out the service we provide, please see: https://caniphish.com/caniphish-vs-open-source-phishing
canibespoofed-console is a console project utilising functionality built for the https://caniphish.com/free-phishing-tools/email-spoofing-test website. This project facilitates scanning of domains to gain visibility over email supply chain and SPF/DMARC vulnerabilities. See https://caniphish.com/free-phishing-tools/email-spoofing-test/features for a full list of capabilities the console project can demonstrate. The console project is designed for use by Information Security professionals who need to scan domains in a more automated fashion than is readily available through the web GUI.
Windows 10 Endpoint or Windows Server 2012+ with .NET Framework 4.5 onwards
git clone https://github.com/Rices/CanIBeSpoofed.git
cd canibespoofed-console\bin\Debug
Note: To provide the IP geolocation functionality, the free API at https://ipgeolocation.io/ is leveraged. However, the free API key within the project is limited to 1000 calls a day (between 20-50 domain SPF lookups). It's likely this limit will be hit, so I highly recommend creating a free account at IPGeolocation and replacing the listed API key under canibespoofed-console/Spoof_Check/Geolocation.cs. Once saved, rebuild the project through Visual Studio and scan at will :)
Options:
-h, --help show help message and exit
-b, --batch switch used to perform a batch scan against multiple domains
-o, --output output scanning results into a JSON formatted file (e.g. -o "C:\results.json") [only applicable when used with the -b switch]
-i, --input input a pipe delimited list (e.g. -i "domainList.csv") for batch scanning [only applicable when used with the -b switch]
Example Usage (Single Domain Supply Chain Scan): canibespoofed-console github.com
Example Usage (Bulk Domain High-level Scan): canibespoofed-console -b -i "C:\domainListing.csv" -o "C:\results.json"
The core features can be broken into 4 categories. It's through the aggregation of these features that we gain a full picture of your email infrastructure. The categories are as follows:
We perform 13 checks against SPF & DMARC configurations, as follows:
We recursively query your SPF record and all lookups within it, allowing us to identify all IPv4 and IPv6 addresses in use. Once identified, we collate IP ownership information, providing you with a mechanism to see who operates your downstream mail sender infrastructure.
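An added sketch of the recursive SPF walk described above (not the project's own code): it follows `include` and `redirect` terms, collects every `ip4`/`ip6` network, and records which record authorised each one. The zone contents, domain names and the `walk_spf` helper are constructed for illustration so it runs offline; a real scan would fetch TXT records over DNS.

```python
import ipaddress

# Constructed sample TXT records (hypothetical domains), standing in for live DNS.
ZONE = {
    "example.test": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.test include:loop.test -all",
    "_spf.mailer.test": "v=spf1 ip4:198.51.100.7 ip6:2001:db8::/32 redirect=_spf2.mailer.test",
    "_spf2.mailer.test": "v=spf1 ip4:203.0.113.0/25 ~all",
    "loop.test": "v=spf1 include:example.test ?all",
}
LOOKUP_LIMIT = 10  # RFC 7208 caps DNS-querying terms per SPF evaluation at 10


def walk_spf(domain, zone=ZONE):
    """Return (networks, lookups, issues) for the SPF tree rooted at domain."""
    networks, issues = {}, []
    lookups = 0

    def visit(name, path):
        nonlocal lookups
        if name in path:  # an ancestor includes itself again: circular SPF
            issues.append("loop: " + " -> ".join(path + [name]))
            return
        record = zone.get(name)
        if record is None or not record.lower().startswith("v=spf1"):
            issues.append(f"no SPF record at {name}")
            return
        for term in record.split()[1:]:
            body = term.lstrip("+-~?")  # drop the qualifier
            key, _, value = body.replace("=", ":", 1).partition(":")
            key = key.split("/")[0].lower()  # "a/24" is still the "a" mechanism
            if key in ("ip4", "ip6"):
                try:
                    net = ipaddress.ip_network(value, strict=False)
                except ValueError:
                    issues.append(f"bad {key} value {value!r} in {name}")
                    continue
                networks.setdefault(str(net), name)  # first record to authorise it
            elif key in ("include", "redirect"):
                # redirect only applies when nothing else matches, but for
                # enumerating the supply chain it is followed like an include
                lookups += 1
                visit(value.lower(), path + [name])
            elif key in ("a", "mx", "exists", "ptr"):
                lookups += 1  # counted toward the limit, not resolved offline

    visit(domain.lower(), [])
    if lookups > LOOKUP_LIMIT:
        issues.append(f"{lookups} DNS lookups exceeds limit of {LOOKUP_LIMIT}")
    return networks, lookups, issues
```

Each key of the returned `networks` mapping is a sender range to feed into ownership, geolocation and blacklist checks; the mapped value shows which third party's record introduced it.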
Building from the point above, we enhance the view of your mail sender supply chain by pulling near-exact geolocation information. We provide this information both in a tabular format and visualised on a world map. This can assist with identification of geolocation-motivated risks - e.g. if you're a Federal Government Agency in a Five-Eyes Country, it would be best to avoid use of mail infrastructure owned by a hostile nation's ISP and operated out of said nation.
We subscribe to multiple IP-driven blacklists which identify IPs that are associated with:
- Unsolicited Bulk Emails, Spam Operations & Spam Services (i.e. Low Reputation Senders)
- Snowshoe spam, whereby spammers are actively attempting to evade spam detection (i.e. Low Reputation Senders)
- Hijacked endpoints infected by illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
- End-user (non-MTA) addresses which are dynamically allocated to residential users (i.e. Low Reputation Senders)
CanIPhish Non-Commercial License (Version 1.0)
Copyright (c) 2025 Can I Phish Pty Ltd All rights reserved.
1. Definitions
1.1. "Software" refers to the source code, object code, and/or documentation made available under this license, titled “CanIBeSpoofed,” along with any modifications or derivative works thereof.
1.2. "Non-Commercial" use means personal, educational, research, or charitable usage where no direct or indirect commercial advantage or monetary compensation is sought.
1.3. "Commercial Use" means any usage of the Software, or derivative works thereof, that: (a) is performed for profit, revenue generation, or any monetary compensation; or (b) is integrated into a product or service that is sold, licensed, or otherwise provided for a fee.
1.4. "Licensee" refers to any person or entity exercising permissions granted by this license.
2. License Grant (Non-Commercial)
2.1. Subject to the terms and conditions of this License, the Licensor hereby grants Licensee a worldwide, royalty-free, non-exclusive, revocable license to: (a) Use and reproduce the Software, in whole or in part, solely for Non-Commercial purposes; (b) Modify and create derivative works of the Software, in whole or in part, solely for Non-Commercial purposes; and (c) Distribute copies of the Software and any modifications or derivative works thereof, in source or object form, solely for Non-Commercial purposes, provided that Licensee includes a copy of this License and retains all applicable copyright and trademark notices.
3. Commercial Use Prohibited Without Approval
3.1. Licensee may not use the Software or any derivative works thereof for Commercial Use without obtaining an express written permission or commercial license from the Licensor.
3.2. To inquire about Commercial Use, please contact the Licensor at: support@caniphish.com
4. Compliance with Other Licenses
4.1. If the Licensee incorporates any third-party code or libraries into the Software or derivatives, the Licensee is solely responsible for compliance with any open source or proprietary licenses that may apply to those components.
4.2. This License applies only to code authored by or contributed to the Software by the Licensor and does not supersede any other party’s rights in such third-party code.
5. Disclaimer of Warranty
5.1. THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. IN NO EVENT SHALL THE LICENSOR BE LIABLE FOR ANY CLAIM, DAMAGES, OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF, OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
6. Limitation of Liability
6.1. TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL THE LICENSOR BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
7. Termination
7.1. This License and the rights granted hereunder will terminate automatically if the Licensee fails to comply with any term herein.
7.2. Upon termination, the Licensee must cease all use and distribution of the Software and destroy or return all copies, full or partial.
8. Governing Law & Jurisdiction
8.1. This License shall be governed by and interpreted in accordance with the laws of Queensland, Australia, without regard to its conflict of law provisions.
8.2. Any legal action or proceeding relating to this License shall be brought exclusively in the courts located in Queensland, Australia, and each party consents to the jurisdiction of such courts.
9. Entire Agreement
9.1. This License constitutes the entire agreement between the Licensee and the Licensor regarding the subject matter herein and supersedes all prior understandings or agreements. Any modifications to this License must be in writing and signed by both parties.
BY USING OR DISTRIBUTING THE SOFTWARE, YOU INDICATE YOUR ACCEPTANCE OF THIS LICENSE. IF YOU DO NOT AGREE TO THE TERMS, DO NOT USE THE SOFTWARE.