This covers the full SMTP penetration testing workflow, from banner grabbing and service discovery through user enumeration, open relay testing, and brute force authentication attempts. You get practical commands for tools like Nmap, Hydra, smtp-user-enum, and Metasploit, plus manual testing via netcat and telnet. The workflow is solid for authorized security assessments, walking through VRFY/EXPN/RCPT enumeration methods, relay testing variations, and checking email authentication records like SPF and DMARC. It's comprehensive but assumes you already have authorization and understand the legal boundaries. The reference tables for SMTP commands and response codes are genuinely useful for quick lookups during an engagement.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill smtp-penetration-testing