MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an Exchange administrator to search the mailboxes of every user in a domain.
MailSniper also includes additional modules for password spraying, enumerating users/domains, gathering the Global Address List from OWA and EWS, and checking mailbox permissions for every Exchange user at an organization.
Aparentmente (no lo he probado) en organizaciones grandes la gente abre su email para que más personas lo puedan ver. Con esta herramienta puedes checarlo. Es particularmente interesante si el mail abierto es el del CEO ja.
Invoke-OpenInboxFinder is a module that will attempt to determine if the current user running MailSniper has access to the Inbox of each email address in a list of addresses.
