Offensive Security Tool: Swaks – Swiss Army Knife for SMTP

Reading Time: 2 Minutes

Offensive Security Tool: Swaks – Swiss Army Knife for SMTP

GitHub Link

Swaks – Swiss Army Knife for SMTP

Swaks is a featureful, flexible, scriptable, transaction-oriented SMTP test tool written and maintained by John Jetmore.

When you are performing Pentesting or Bug Bounty Hunting, you still end up with a lot of SMTP servers throughout your recon process. This tool will quickly let you understand a lot of weaknesses using different probing and testing vectors to determine the weakness and/or escalate to exploiting this protocol which will maximize the potential of finding valid vulnerabilities.

See Also: Complete Offensive Security and Ethical Hacking Course

Features include:

• SMTP extensions including TLS, authentication, pipelining, PROXY, PRDR, and XCLIENT
• Protocols including SMTP, ESMTP, and LMTP
• Transports including UNIX-domain sockets, internet-domain sockets (IPv4 and IPv6), and pipes to spawned processes
• Completely scriptable configuration, with option specification via environment variables, configuration files, and command line

Download

The latest version of Swaks is 20201014.0 (announcement), which can be downloaded as a package or a standalone script.

See the installation page for details on installing in multiple environments.

There is also a versions page which lists every released version of Swaks, complete with changelogs and download links.

See Also: New tool can uncover redacted, pixelated text to reveal sensitive data

Documentation

The reference documentation from the latest release, which includes quick-start examples, is available as plain text and rendered. The documentation from each release is available from the versions page. There is also an Occasionally Asked Questions document.

See Also: How ILOVEYOU worm became the first global computer virus pandemic