SMTPTester : Small Python3 Tool To Check Common Vulnerabilities In SMTP Servers

SMTPTester is a python3 tool to test SMTP server for 3 common vulnerabilities:

  • Spoofing – The ability to send a mail on behalf of an internal user
  • Relay – Using this SMTP server to send email to other address outside of the organization
  • User Enumeration – using the SMTP VRFY command to check if specific username and\or email address exist within the organization.

How to use it?

First, install the needed dependencies:

pip install -r requirments.txt

Second, run the tool with the needed flags:

python SMTPTester.py –tester [tester email] –targets [SMTP IP or file containing multiple IPs]

Also Read – MalConfScan : Volatility Plugin For Extracts Configuration Data Of Known Malware

Options to consider

  • -i\–internal
    • testing only for mail spoofing
  • -e\–external
    • only testing for mail relay
  • -v\–vrfy
    • only perform user enumeration the tool will perform both internal and external when no specific test type is specified, and will append the output to a log file on the same folder as the SMTPTester.py file.

Issues, bugs and other code-issues

Yeah, I know, this code isn’t the best. I’m fine with it as I’m not a developer and this is part of my learning process. If there is an option to do some of it better, please, let me know.

R K

Recent Posts

How to Install Docker on Ubuntu (Step-by-Step Guide)

Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…

5 days ago

Uninstall Docker on Ubuntu

Docker is one of the most widely used containerization platforms. But there may come a…

5 days ago

Admin Panel Dorks : A Complete List of Google Dorks

Introduction Google Dorking is a technique where advanced search operators are used to uncover information…

6 days ago

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

7 days ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

1 week ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

1 week ago