ENNAENNA

MailSniper

MIT

๐Ÿ”ฅ Offensive Ops ยท PowerShell

MailSniper is a PowerShell tool for searching through email in Microsoft Exchange and Office 365 environments during penetration tests. It can log into mailboxes using stolen credentials and search for terms like 'password', 'creds', 'SSN', or custom keywords across the Global Address List. MailSniper supports Exchange Web Services (EWS), Exchange ActiveSync, and Office 365 REST API. It can enumerate valid usernames via timing attacks, perform password sprays against OWA/EWS, and extract valuable data from mail folders, contacts, and calendar entries. Essential for demonstrating email-based data exposure in enterprise assessments.

3.2kstars
599forks
21issues
Updated 8mo ago
+I use this
View on GitHub

Installation

$ git clone https://github.com/dafthack/MailSniper.git

Use Cases

  • Searching Exchange mailboxes for sensitive data during pentests
  • Password spraying against OWA and EWS
  • Enumerating valid Active Directory usernames
  • Extracting credentials stored in email

Tags

exchangeemail-searchoffice365credential-huntingpowershell

Details

Category
๐Ÿ”ฅ Offensive Ops
Language
PowerShell
License
MIT
Platforms
๐ŸชŸwindows

Links

GitHub Repository

github.com/dafthack/MailSniper

Releases

github.com/dafthack/MailSniper/releases

Issues

github.com/dafthack/MailSniper/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

CrackMapExec

Python

Swiss army knife for pentesting Active Directory. SMB, LDAP, MSSQL, WinRM enumeration and exploitation.

Compare MailSniper vs CrackMapExec

DomainPasswordSpray

PowerShell

PowerShell tool for performing password spray attacks against Active Directory domain accounts with lockout-aware throttling.

Compare MailSniper vs DomainPasswordSpray

Ruler

Go

Tool for abusing Exchange services to gain remote code execution via Outlook mail rules, forms, and home page exploitation.

Compare MailSniper vs Ruler

More in Offensive Ops

Mythic

Go

Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.

c2red-teammulti-operator

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound