smtpAudit.py
This commit is contained in:
parent
76a0ccafce
commit
b9c34882c5
|
@ -88,6 +88,43 @@ Capturing on 'eth0'
|
|||
12 0.050831934 192.168.1.14 → 224.0.0.9 RIPv2 61 Unknown command (64)[Malformed Packet]
|
||||
```
|
||||
|
||||
- **`smtpAudit.py`** - SMTP Server configuration black-box testing/audit tool, capable of auditing SPF/Accepted Domains, DKIM, DMARC, SSL/TLS, SMTP services, banner, Authentication (AUTH, X-EXPS), conducting user enumerations (VRFY, EXPN, RCPT TO) and others. ([gist](https://gist.github.com/mgeeky/ef49e5fb6c3479dd6a24eb90b53f9baa))
|
||||
|
||||
Currently supported tests:
|
||||
01) 'spf' - SPF DNS record test
|
||||
- 'spf-version' - Checks whether SPF record version is valid
|
||||
- 'all-mechanism-usage' - Checks whether 'all' mechanism is used correctly
|
||||
- 'allowed-hosts-list' - Checks whether there are not too many allowed hosts
|
||||
02) 'dkim' - DKIM DNS record test
|
||||
- 'public-key-length' - Tests whether DKIM Public Key is at least 1024 bits long
|
||||
03) 'dmarc' - DMARC DNS record test
|
||||
- 'dmarc-version' - Checks whether DMARC record version is valid
|
||||
- 'policy-rejects-by-default' - Checks whether DMARC uses reject policy
|
||||
- 'number-of-messages-filtered' - Checks whether there are at least 20% messages filtered.
|
||||
04) 'banner-contents' - SMTP Banner sensitive informations leak test
|
||||
- 'not-contains-version' - Contains version information
|
||||
- 'not-contains-prohibited-words'- Contains software/OS/or other prohibited name
|
||||
- 'is-not-long-or-complex' - Seems to be long and/or complex
|
||||
- 'contains-hostname' - Checks whether SMTP banner contains valid hostname
|
||||
05) 'open-relay' - Open-Relay misconfiguration test
|
||||
- 'internal-internal'
|
||||
- 'internal-external'
|
||||
- 'external-internal'
|
||||
- 'external-external'
|
||||
- And about 19 other variants
|
||||
- (the above is very effective against Postfix)
|
||||
06) 'vrfy' - VRFY user enumeration vulnerability test
|
||||
07) 'expn' - EXPN user enumeration vulnerability test
|
||||
08) 'rcpt-to' - RCPT TO user enumeration vulnerability test
|
||||
09) 'secure-ciphers' - SSL/TLS ciphers security weak configuration
|
||||
10) 'starttls-offering' - STARTTLS offering (opportunistic) weak configuration
|
||||
11) 'auth-over-ssl' - STARTTLS before AUTH/X-EXPS enforcement weak configuration
|
||||
12) 'auth-methods-offered' - Test against unsecure AUTH/X-EXPS PLAIN/LOGIN methods.
|
||||
13) 'tls-key-len' - Checks private key length of negotiated or offered SSL/TLS cipher suites.
|
||||
14) 'spf-validation' - Checks whether SMTP Server has been configured to validate sender's SPF
|
||||
or if it's Microsoft Exchange - that is uses Accepted Domains
|
||||
|
||||
|
||||
- **`sshbrute.py`** - ripped out from Violent Python - by TJ O'Connor. ([gist](https://gist.github.com/mgeeky/70606be7249a61ac26b34b1ef3b07553))
|
||||
|
||||
- **`smb-credential-leak.html`** - SMB Credentials leakage by MSEdge as presented in Browser Security White Paper, X41 D-Sec GmbH. ([gist](https://gist.github.com/mgeeky/44ce8a8887c169aa6a0093d915ea103d))
|
||||
|
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue