OSINT

Sites

• OSINT Framework

Google Dorking

• Sans Cheatsheet

• sundowndev Cheatsheet

Mail

Query domain records

nslookup -type=any <domain>

dig <domain> any

SPF (Sender Policy Framework)

Sender Policy Framework (SPF) is an email authentication method designed to detect forging sender addresses during the delivery of the email.[2] SPF alone, though, is limited to detecting a forged sender claim in the envelope of the email, which is used when the mail gets bounced.[2] Only in combination with DMARC can it be used to detect the forging of the visible sender in emails (email spoofing[3]), a technique often used in phishing and email spam.

-- Wikipedia

Query domain, check TXT record.

"v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.123 a -all"

DMARC (Domain-based Message Authentication, Reporting and Conformance)

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in business email compromise attacks, phishing emails, email scams and other cyber threat activities.

-- Wikipedia

Query _dmarc.<domain>, check TXT record.

"v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:dmarcreports@example.com;"