Re: e-mail address mining tool?

[Marco Ivaldi <raptor () 0xdeadbeef info>]

> Hello list.

Hey,

> First off all congratulate every one for always sharing their knowledge 
> for free and for the... well lets get to the point :) I'm wondering if 
> any one knows a tool that can gather email addresses of the users inside 
> a domain, from the email server.

My brutus.pl script supports usernames gathering through Sendmail-style 
RCPT TO answers, as well as the old-fashioned VRFY/EXPN dictionary attack. 
Still very useful during the information gathering phase of penetration 
tests, IMHO. You can download it at (Net-Telnet is required):

http://www.0xdeadbeef.info/code/brutus.pl

Have fun,

--
Marco Ivaldi
Antifork Research, Inc.   http://0xdeadbeef.info/
3B05 C9C5 A2DE C3D7 4233  0394 EF85 2008 DBFD B707


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------