New: CheckVibe MCP server — scan from Claude Code and Cursor nativelyRead the docs
Verify DNS configuration, SPF, DKIM, DMARC records, and domain security.
Overview
DNS misconfigurations can lead to domain hijacking, email spoofing, and subdomain takeover. Our scanner checks SPF, DKIM, and DMARC records for email authentication, DNS zone configuration, DNSSEC status, and subdomain enumeration for potential takeover risks.
What this scanner does
Queries DNS records for SPF, DKIM, DMARC configuration. Checks for dangling CNAME records (subdomain takeover risk), verifies DNSSEC deployment, analyzes nameserver configuration, and validates email authentication records.
Why it matters
Without proper SPF/DKIM/DMARC, anyone can send emails that appear to come from your domain — enabling phishing attacks against your users. DNS misconfigurations can also let attackers take over your subdomains or redirect your traffic.
Common findings
OWASP Top 10 coverage
Get a full security report with AI-powered fix suggestions in 30 seconds. No setup required.
Related checks
Configuration Audit
Verify your SSL/TLS configuration, certificate validity, and encryption strength.
Infrastructure Check
Detect subdomain takeover vulnerabilities and domain registration security issues.
Configuration Audit
Check if your site has the right HTTP security headers to prevent common attacks.
