zED

This is the project page for:
zED commenced around Easter 2019,  as of 18th July 2019 it is in alpha and is an MVP, November 2020 saw a re-write of the core TLS and DNS scanning modules and email dispatcher, with many improvements added based on feedback from the community. 
In the “new” the gov.uk to gov.uk/nhs.net/police.uk email being secure (i.e. the post GCSx world). How do we assess if suppliers to local councils are secure?  Do they use TLS s ecuring their email via encryption and do they have a dmarc DNS record in place set at reject/100% thus securing their reputation as senders of email?
zED seeks to answer this question with regular and one-off scans, and aid the decision making of data asset owners. DPO’s and SIRO’s, it is supported in its development by ISfL (the London WARP), SW WARP and HP WARP at this time.
We are now accepting data from public sector organisations to the Alpha, if you send us your top outbound email domains, we will check their TLS and SPF and DMARC DNS records for you so you can baseline your risks and give your users guidnace, please use the form below to enrol for zED, and someone will be in contact soonest.

 

If your or your organisation is a WARP member we will be posting data on the gov.uk domains via updates to WARPs upon request.
The cost of running this is met by 1uglycrazyroboT for the common good for the following organisations: Government domains such as .gov.uk, .police.uk .mod.uk etc, also the voluntarily academic and 3rd sector, others upon application. That said you may wish to contribute,  however, I would like to make a few things clear.
Firstly, I have never counted the hours spent doing projects such as this, and would never ask for money in exchange for that. I do it for pleasure, for the passion of making useful tools, to help as many people as possible, and to learn. Thus, I hope my work is useful to the public sector infosec community.
Secondly. I only created this donation system because people suggested that I create it and that my work could be rewarded. You are free to support me by making a donation or sharing what this certificate scanner does with others so they can make use of it. I am very grateful to you in advance. The best reward is your positive feedback and use of what I have made. So thanks for reading this, and if you would like to buy me a coffee:
Go to https://www.buymeacoffee.com/MvN7Fa1kQ
Finally our services can also be licensed commercially for other domains.
Code: Running in Alpha, mainly spring 2019, use AWS (London) Ubuntu Server 18.04 LTS (HVM), using Bash and Perl, coded by @cryptomoose, calling the mighty @SwaksSMTP  for TLS testing with words by @waoaoms