Emails

Chrome extension

ExtensionsRocketReach

Google Dork

intext:"@domain.com"

intext:"@example.com" site:linkedin.com

Find email adresses

https://hunter.io/discoverhunter.io

ContactOut - Find Anyone’s Email & PhoneContactOut

Mail is used on different sites like twitter, etc.

GitHub - megadose/holehe: holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.GitHub

GitHub - RetrO-M/Hawker: ☆ An OSINT tool in python to find information about an email or phone number and get information about a URL then get information about an IP addressGitHub

osint.rocks

Epieos, the ultimate OSINT toolEpieos

Castrick - Find clues about anyoneCastrick

Social Media

Opsec / Anonymity

OpSec / Anonymity

Email Spoofing

Check SPF, DKIM, DMARC

# dig TXT _dmarc.domain.com

; <<>> DiG 9.18.24-1-Debian <<>> TXT _dmarc.domain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7149
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;_dmarc.domain.com.		IN	TXT

;; AUTHORITY SECTION:
domain.com.		60	IN	SOA	dns112.blah.net. tech.blah.net. 2024102800 86400 3600 3600000 60

;; Query time: 63 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Nov 18 23:41:06 EST 2024
;; MSG SIZE  rcvd: 104

ANSWER: 0 -> DMARC not configured 

Strict DMARC policy (such as “p=reject”) is not defined.

GitHub - CanIPhish/CanIBeSpoofed: CanIBeSpoofed is a console project utilising functionality built for the https://caniphish.com/free-phishing-tools/email-spoofing-test website. This project facilitates scanning of domains to gain visibility over email supply chain and SPF/DMARC vulnerabilities.GitHub

GitHub - MattKeeley/Spoofy: Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.GitHub

GitHub - a6avind/spoofcheck: SpoofcheckGitHub

./spoofy.py -d domain.com

How To Spoof An Email Address In 5 StepsCanIPhish

Phishing: how to prevent email spoofing? [SPF, DKIM, DMARC]VAADATA - Ethical Hacking Services

MailSecOps

GitHub - 0xhav0c/MailSecOps: MailSecOps is an email and mail gateway security testing tool. With this script, you can perform mail spoofing, relay tests and security checks for a specific domain. The tool also helps to verify SPF, DMARC, SSL/TLS and other security tests.GitHub

Online Tool - Spoof Mail

Emkei's Anonymous Mailer

DMARC-SPF-Checker

GitHub - fdzdev/DMARC-SPF-Checker: Python tool designed to identify misconfigured DMARC and SPF settings in domains. It resolves DNS records, checks for DMARC policies, SPF records, and logs the results for each domain. Additionally, it provides the option to send a spoofed email for testing purposes if misconfigurations are detected. Supports bulk and individual scanning.GitHub

With Gophish

Phishing Attack with Spoofed Mail from ScratchMedium

With Social-Engineer Toolkit

In this example, we use brevo as a smtp relay server. The mail received will be of the form username_spoofed@smtp_relay_domain rather than username_spoofed@domain_spoofed, as brevo modifies the domain name for security reasons.

https://www.youtube.com/watch?v=lR_Ck3-_AGQ

https://app.brevo.com/

Email Security Checklist

GitHub - hoangcuongflp/Email-Security-Checklist: You’ve hardened your servers, locked down your website and are ready to take on the internet. But all your hard work was in vain, because someone fell for a phishing email and wired money to a scammer, while another user inadvertently downloaded and installed malware from an email link that opened a backdoor into the network. Email is as important as the website when it comes to security. As a channel for social engineering, malware delivery and resource exploitation, a combination of best practices and user education should be enacted to reduce the risk of an email-related compromise. By following this 13 step checklist, you can make your email configuration resilient to the most common attacks and make sure it stays that way.GitHub

Resources

Top Phishing TechniquesRedTeamRecipe

Open Relay

SMTP (25, 465)

Google Account - GHunt

GitHub - mxrch/GHunt: 🕵️‍♂️ Investigate Google emails and documents.GitHub

Extract email from commit history in GitHub repos

GitHub - Imp0sters/Gitmail-Harvester: Gitmail Harvester is a powerful OSINT/Red Team and Pentest tool designed to extract email addresses from commit history in GitHub repositoriesGitHub