Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

Posted on by

Last Updated on August 14, 2021 by Admin

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

  • To determine who is the holder of the root account
  • To perform a DoS
  • To create needless SPAM
  • To illicit a response back that will reveal information about email servers and how they treat undeliverable mail
  • To test for virus protection