20 lines
452 B
YAML
20 lines
452 B
YAML
|
id: spoofable-spf-records-ptr
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: Find spoofable SPF records containing the PTR mechanism
|
||
|
|
author: binaryfigments
|
||
|
|
severity: info
|
||
|
|
description: Check if TXT records in DNS for SPF records that have the PTR mechanism that is spoofable.
|
||
|
|
|
||
|
|
dns:
|
||
|
|
- name: "{{FQDN}}"
|
||
|
|
type: TXT
|
||
|
|
class: inet
|
||
|
|
recursion: true
|
||
|
|
retries: 3
|
||
|
|
matchers:
|
||
|
|
- type: word
|
||
|
|
words:
|
||
|
|
- "v=spf1"
|
||
|
|
- " ptr "
|
||
|
|
condition: and
|