How to identify Vulnerable Mail Receivers in the public Internet?
rafale0n opened this issue · 2 comments
Again, fascinating project and would love to learn more about it. If you can share your techniques of identifying Vulnerable Mail Receivers in the wild I would be over the moon.
Thanks once again.
Hi, sorry for the late reply! The easiest way to identify vulnerable mail receivers is to simply email a non-existent address at a target domain and see if a bounce message is received. Once received, you can inspect the headers to identify whether sensitive information is being leaked. I've also created a tool which makes this identification a bit simpler (https://caniphish.com/free-phishing-tools/email-spoofing-test) but there is rate limiting in place to prevent widespread use.
In terms of narrowing things down, I've found that larger organisations that have been around for 10+ years are typically vulnerable to this type of attack.
Closing as answered