This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1353
MailSniper
External Tool
External Data Source
GitHub
Unknown
Unknown
55 (lowest rank is 55)

Category & Restrictions

Other
cyber defense, penetration testing
Unrestricted
true

Description


MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

MailSniper also includes additional modules for password spraying, enumerating users/domains, gathering the Global Address List from OWA and EWS, and checking mailbox permissions for every Exchange user at an organization.

A full list of options that can be used are:

ExchHostname - The hostname of the Exchange server to connect to if Autodiscover is failing.
Mailbox - Email address of the current user the PowerShell process is running as (i.e. the only mailbox the account can search).
Terms - Certain terms to search through each email subject and body for. By default the script looks for "*password*","*creds*","*credentials*".
ExchangeVersion - In order to communicate with Exchange Web Services the correct version of Microsoft Exchange Server must be specified. By default this script tries "Exchange2010". Additional options to try are    Exchange2007_SP1, Exchange2010, Exchange2010_SP1, Exchange2010_SP2, Exchange2013, or Exchange2013_SP1.
OutputCsv - Outputs the results of the search to a CSV file.
MailsPerUser - The total number of latest emails to search through in the mailbox. The default is set to the latest 100 emails in the inbox.

Additional Details

3.0MB
false
Unknown
default password, website, test automation, xml based standards, email address, inferlink corporation, microsoft exchange server, mailsniper, microsoft, directory service, password authentication, centralized computing, web service, intel, penetration test, network architecture, computer security procedures, external data source, automation, computer architecture, global address list, 1353, exploit, email