SMTP Penetration Testing

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] This README-style skill is a comprehensive, explicit active-testing guide for SMTP servers. It is not itself malware and contains no obfuscated or covert exfiltration logic, but it contains detailed, dual-use offensive techniques (user enumeration, relay exploitation, brute forcing) that pose significant operational risk if used without authorization. Recommend restricting distribution, adding mandatory authorization verification and safe-mode defaults (no external recipients, rate limits), guidance for secure storage/handling of captured credentials, and verifying provenance of recommended third-party tooling before installation. LLM verification: This document is a complete, practical SMTP penetration-testing playbook that correctly maps procedures to tools and SMTP protocol features. There is no evidence in the provided text of embedded malware, obfuscation, or covert exfiltration. The main concern is dual-use: the instructions enable intrusive testing (enumeration, brute force, open-relay exploitation) that may be illegal or harmful if used without explicit authorization. Operators should only use these procedures with written permissi