ADVANCED TESTING ENVIRONMENT

Advanced by design.
Simplified by Mailsploit.

Automate your workflows, prioritize vulnerabilities, and focus on what truly matters in email security.

Our powerful intelligence tools and automated recon engines give you unprecedented visibility into complex email routing architectures.

VULNERABILITIES FOUND
5M+
DOMAINS ANALYZED
250k+
DETECTION RATE
98%
WHO WE ARE

Built by hackers, for defenders.

Mailsploit was founded by a team of security researchers and penetration testers who were exhausted by the manual effort required to audit SPF, DKIM, and DMARC alignments. We built this toolkit to automate the repetitive tasks, highlight misconfigurations instantly, and provide weaponized payloads for authorized red team exercises.

CORE MODULES

Product Features

Organize, prioritize and control your security testing more efficiently in our trusted platform.

Domain Intelligence
Unlock effortless reconnaissance. Your gateway to automated domain analysis — connect SPF, DKIM, and DMARC audit engines, streamline workflows, and supercharge vulnerability detection with ease.
Boost your team's efficiency with our next-gen email security and payload solutions.
Instant Diagnostics
Execute deep email header parsing, DMARC validation, and spoofing vulnerability checks in milliseconds. Zero waiting.
FAQ

Frequently Asked Questions

Everything you need to know about the product and billing.

What is Mailsploit?

Mailsploit is a dedicated toolkit designed for authorized red team exercises and security professionals. It helps automate the testing of email infrastructure by checking SPF/DKIM/DMARC alignment, spoofing vulnerabilities, and simulating phishing or macro attacks.

Is it legal to use?

Yes, provided you have explicit authorization from the target organization. This tool is built strictly for educational and auditing purposes. Generating payloads or spoofing domains without permission is illegal and strictly prohibited.

How does the Domain Recon module get its data?

The Domain Recon module queries the live DNS TXT records for SPF (at the domain itself), DMARC (at _dmarc.<domain>) and DKIM (at <selector>._domainkey.<domain>). It parses the current configuration for the domain you supply, so the findings reflect exactly what a receiving mail server would see when it evaluates a message claiming to come from that domain.

Can I use my own SMTP servers?

Absolutely. The Node Cluster and Send Email modules accept any generic SMTP credentials. The toolkit handles the raw SMTP conversation on the standard ports (25, 465, 587), independent of the provider.

Does Mailsploit log my activity?

No. Mailsploit is designed to be privacy-centric. All connections, checks, and payload generation happen locally or directly against the target infrastructure, without routing through intermediary logging servers.

Send Email

Compose and transmit test emails

Sender Identity
Envelope sender (auto-fills from the From address): sets the technical MAIL FROM address used in the SMTP envelope. This decouples the delivery envelope (what SPF evaluates, and where bounces go via Return-Path) from the From header the recipient sees; DMARC then checks whether the two domains align.
Delivery Strategy
Warm-up: start with low volumes (10-50/day) on fresh IPs.

Custom headers (labelled "Header Injection" in the UI): adding randomized X-headers (such as X-Mailer or X-Originating-IP) changes the static fingerprint of the message and can help bypass basic signature-based filters. This is not CRLF header injection; it only adds extra headers to messages you are already authorized to send.

Time-gapping: use the config tab to slow down bulk sends so the cadence mimics human activity.
Message
Recipient list: comma-separated.
Attachments: max 16MB; txt, pdf, images, doc.

SMTP Verify

Test server connectivity and authentication

Connection Test
Common Ports & Protocols
Port   Protocol          Encryption
25     SMTP (MTA relay)  None, or opportunistic STARTTLS
465    SMTPS             Implicit TLS from the first byte
587    Submission (MSA)  STARTTLS, then AUTH
2525   Alt SMTP          STARTTLS
Tip: Many ISPs block outbound traffic on port 25 to mitigate spam. If connection fails on port 25, attempt port 587 or 465.
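A connection test is only useful if you read what the server advertises before TLS. The following is an added example (not Mailsploit's own code) that parses a multi-line EHLO reply and flags the two things a tester cares about on a plaintext port: no STARTTLS at all, and AUTH offered before TLS. SAMPLE_EHLO is a constructed reply; live_ehlo() is a network helper and is not part of the offline run.

```python
"""Check what an SMTP endpoint offers at EHLO time before trusting it with credentials.

Added example, not Mailsploit code. SAMPLE_EHLO is a constructed reply;
live_ehlo() needs network access and is not exercised by the sample run.
"""
import re
import smtplib

# Constructed reply, the kind a server returns on port 25/587 before STARTTLS.
SAMPLE_EHLO = (
    "250-mail.example.test Hello client [203.0.113.7]\r\n"
    "250-SIZE 36700160\r\n"
    "250-8BITMIME\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 HELP\r\n"
)


def parse_ehlo(reply: str) -> dict:
    """Map EXTENSION -> [params] from a multi-line 250 reply.

    The first line is the greeting (hostname plus free text), not an
    extension keyword, so it is skipped.
    """
    lines = [l for l in reply.replace("\r\n", "\n").split("\n") if l]
    exts = {}
    for line in lines[1:]:
        m = re.match(r"250[ -](\S+)(?:\s+(.*))?$", line)
        if m:
            exts[m.group(1).upper()] = (m.group(2) or "").split()
    return exts


def assess_ehlo(exts: dict, tls_active: bool) -> list:
    """Findings a tester would record.

    tls_active is True for implicit TLS (465) or after a successful STARTTLS;
    for a fresh 25/587 session it is False.
    """
    findings = []
    if not tls_active and "STARTTLS" not in exts:
        findings.append("no STARTTLS offered: the session can only be plaintext")
    auth = exts.get("AUTH")
    if auth and not tls_active:
        findings.append("AUTH %s advertised before TLS: a client may send credentials in the clear"
                        % " ".join(auth))
    return findings


def live_ehlo(host: str, port: int, timeout: float = 10.0):
    """Network helper: connect and return (extensions, tls_active) as seen at EHLO.

    Uses implicit TLS on 465 and a plain connection otherwise; it deliberately
    does not issue STARTTLS, so the result reflects the pre-TLS offer.
    """
    cls = smtplib.SMTP_SSL if port == 465 else smtplib.SMTP
    with cls(host, port, timeout=timeout) as s:
        s.ehlo()
        exts = {k.upper(): v.split() for k, v in s.esmtp_features.items()}
    return exts, port == 465
```

On a real run, compare the pre-TLS offer with the post-STARTTLS one: a well-configured submission server advertises AUTH only after STARTTLS.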

Node Cluster

Bulk SMTP server testing

Cluster Upload
Format: host|port|user|pass — one per line
Load Balancing Info
Mailsploit tests nodes concurrently. When deploying campaigns, valid nodes are aggregated into a randomized round-robin pool to distribute delivery load and mitigate IP reputation burn rates.

Domain Recon

SPF, DMARC, and spoofing vulnerability analysis

Domain Check
Comma-separated for bulk
DMARC Policy Impact
Policy (p=)   Impact
none          Monitor only (reports via rua/ruf). Failing mail is still delivered: easily spoofable.
quarantine    Failing mail is sent to the spam/junk folder.
reject        Failing mail is refused at the gateway. Secure, provided pct= is 100 (or absent) and subdomains are covered (sp= defaults to p=).
Only mail that fails both aligned SPF and aligned DKIM receives the policy, and only at receivers that enforce DMARC.
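The policy table above is what a reviewer applies by hand; the following added example (not Mailsploit's own code) does the same assessment over raw SPF and DMARC TXT records, including the SPF checks the table does not mention: the qualifier on the all mechanism, the RFC 7208 ten-lookup limit, and the DMARC sp= and pct= tags. The records are constructed; fetching TXT records for <domain> and _dmarc.<domain> is left to the caller.

```python
"""Assess raw SPF and DMARC TXT records for spoofability.

Added example, not Mailsploit code. The records below are constructed.
"""
import re

# Constructed records for a fictional domain.
SPF_WEAK = "v=spf1 include:_spf.example.test ip4:203.0.113.0/24 ?all"
DMARC_WEAK = "v=DMARC1; p=none; sp=none; rua=mailto:dmarc@example.test"
SPF_OK = "v=spf1 mx ip4:203.0.113.10 -all"
DMARC_OK = "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc@example.test"


def parse_dmarc(record: str) -> dict:
    """Split 'v=DMARC1; p=none; rua=...' into a tag dict (tag names lowercased)."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip().lower()] = v.strip()
    return tags


def spf_all_qualifier(record: str):
    """Qualifier on the 'all' mechanism: '+', '-', '~' or '?'; None if absent."""
    for term in record.split():
        m = re.fullmatch(r"([+\-~?]?)all", term, re.IGNORECASE)
        if m:
            return m.group(1) or "+"
    return None


def spf_lookup_count(record: str) -> int:
    """Count terms that cost a DNS lookup; RFC 7208 caps them at 10 per evaluation."""
    count = 0
    for term in record.split():
        t = term.lstrip("+-~?").lower()
        mech = t.split(":")[0].split("/")[0]
        if mech in ("include", "a", "mx", "ptr", "exists") or t.startswith("redirect="):
            count += 1
    return count


def assess(domain: str, spf_record, dmarc_record) -> list:
    """Return human-readable findings; an empty list means nothing obviously spoofable."""
    findings = []
    if spf_record is None:
        findings.append("no SPF record: receivers cannot reject forged envelope senders")
    else:
        q = spf_all_qualifier(spf_record)
        if q is None:
            findings.append("SPF has no 'all' term: evaluation ends in neutral")
        elif q in ("+", "?"):
            findings.append("SPF ends in %sall: any host passes or is neutral" % q)
        elif q == "~":
            findings.append("SPF ends in ~all: softfail only; relies on DMARC being enforced")
        n = spf_lookup_count(spf_record)
        if n > 10:
            findings.append("SPF needs %d DNS lookups (>10): permerror, effectively no SPF" % n)
    if dmarc_record is None:
        findings.append("no DMARC record: the header From can be forged regardless of SPF")
    else:
        d = parse_dmarc(dmarc_record)
        p = d.get("p", "none").lower()
        if p == "none":
            findings.append("DMARC p=none: monitor only, spoofable")
        sp = d.get("sp", p).lower()          # sp= inherits p= when absent
        if sp == "none":
            findings.append("DMARC sp=none: subdomains of %s are spoofable" % domain)
        pct = int(d.get("pct", "100"))
        if pct < 100 and p != "none":
            findings.append("DMARC pct=%d: only %d%% of failing mail gets the policy" % (pct, pct))
    return findings
```

The lookup count is deliberately conservative: it counts every include, a, mx, ptr, exists and redirect term in the top-level record but does not recurse into included records, which also consume the same budget.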

DKIM Audit

Verify DKIM selector records and key configurations

Selector Check
Leave empty for common selectors
Selector Brute Force
Unlike SPF and DMARC, which live at predictable names (the domain's own TXT record and _dmarc.<domain>), DKIM keys are published under a selector that must be guessed (e.g., selector._domainkey.domain.com); the selector is otherwise only revealed by the s= tag of a signed message. Mailsploit automatically iterates through the selectors used by top providers (Google, Microsoft, SendGrid) to locate active keys. An empty p= value means the key has been revoked.
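Finding a selector is only half of a DKIM audit; the other half is reading the key. The following added example (not Mailsploit's own code) builds the DNS name to query, parses a DKIM TXT record, and measures the RSA modulus inside the base64 p= value by walking the DER SubjectPublicKeyInfo by hand, so it can flag revoked keys, testing mode and undersized keys. The key material is constructed: a synthetic modulus wrapped in genuine DER framing, not a real key, and the selector list is a small hand-picked set of commonly seen names.

```python
"""Parse a DKIM TXT record and measure the RSA key it publishes.

Added example, not Mailsploit code. The key material is constructed (a
synthetic modulus in real DER SubjectPublicKeyInfo framing). Fetching the
TXT record is left to the caller; dkim_name() gives the name to query.
"""
import base64

# Hand-picked selectors seen at common providers (assumption, not exhaustive).
COMMON_SELECTORS = ["google", "selector1", "selector2", "s1", "s2", "k1", "default", "dkim"]


def dkim_name(selector: str, domain: str) -> str:
    return f"{selector}._domainkey.{domain}"


# --- minimal DER helpers, enough for SubjectPublicKeyInfo / RSAPublicKey ---
def _der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw


def _der(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + _der_len(len(content)) + content


def _der_int(v: int) -> bytes:
    raw = v.to_bytes(max(1, (v.bit_length() + 7) // 8), "big")
    if raw[0] & 0x80:          # keep the INTEGER positive
        raw = b"\x00" + raw
    return _der(0x02, raw)


RSA_OID = bytes.fromhex("06092a864886f70d010101")   # 1.2.840.113549.1.1.1 rsaEncryption


def spki_for(modulus: int, exponent: int = 65537) -> bytes:
    """SubjectPublicKeyInfo{rsaEncryption, BIT STRING{RSAPublicKey{n, e}}}."""
    rsa_key = _der(0x30, _der_int(modulus) + _der_int(exponent))
    alg_id = _der(0x30, RSA_OID + b"\x05\x00")
    return _der(0x30, alg_id + _der(0x03, b"\x00" + rsa_key))


def _read_tlv(buf: bytes, pos: int = 0):
    """Return (tag, content, position after the element)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def rsa_modulus_bits(spki: bytes) -> int:
    tag, body, _ = _read_tlv(spki)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    _, _, after_alg = _read_tlv(body)             # AlgorithmIdentifier
    bs_tag, bits, _ = _read_tlv(body, after_alg)  # BIT STRING
    if bs_tag != 0x03:
        raise ValueError("expected BIT STRING")
    _, rsa, _ = _read_tlv(bits[1:])               # skip the unused-bits byte
    n_tag, n_raw, _ = _read_tlv(rsa)              # INTEGER n
    if n_tag != 0x02:
        raise ValueError("expected INTEGER")
    return int.from_bytes(n_raw, "big").bit_length()


def parse_dkim_record(txt: str) -> dict:
    """tag=value pairs; whitespace inside values (joined TXT strings) is dropped."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip()] = "".join(v.split())
    return tags


def assess_dkim(txt: str) -> list:
    tags = parse_dkim_record(txt)
    findings = []
    if tags.get("v", "DKIM1") != "DKIM1":
        findings.append("unexpected v= tag: %s" % tags["v"])
    p = tags.get("p", "")
    if p == "":
        findings.append("p= empty: key revoked, this selector no longer validates anything")
        return findings
    if tags.get("k", "rsa") == "rsa":
        bits = rsa_modulus_bits(base64.b64decode(p))
        if bits < 1024:
            findings.append("RSA key is %d bits: below the RFC 8301 minimum, verifiers reject it" % bits)
        elif bits < 2048:
            findings.append("RSA key is %d bits: below the 2048 bits RFC 8301 recommends" % bits)
    if "y" in tags.get("t", "").split(":"):
        findings.append("t=y: testing mode, verifiers treat failures like unsigned mail")
    return findings


# Constructed sample records (synthetic moduli, not real keys).
SAMPLE_2048 = "v=DKIM1; k=rsa; p=" + base64.b64encode(spki_for((1 << 2047) | 0x10001)).decode()
SAMPLE_1024 = "v=DKIM1; k=rsa; t=y; p=" + base64.b64encode(spki_for((1 << 1023) | 0x10001)).decode()
SAMPLE_REVOKED = "v=DKIM1; k=rsa; p="
```

Real DKIM TXT records are often split into several quoted strings by the DNS server; concatenate them before calling parse_dkim_record(), which is why it strips whitespace inside the value.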

Header Parse

Analyze raw email headers for security indicators

Raw Headers
Security Header Checklist
  • Authentication-Results: must show spf=pass, dkim=pass, dmarc=pass, and the authserv-id at the start of the header must be your own receiving server. A sender can add this header themselves, so trust only the copy your gateway inserted, and check that smtp.mailfrom and header.d align with the From domain.
  • Received: trace hops from bottom (first hop) to top (last hop). Look for internal IPs exposed to the internet or logical gaps in the chain; only the hop added by your own server is trustworthy, everything below it was supplied by the sender.
  • Message-ID: verify it matches the sending domain's expected format; a Message-ID domain unrelated to the From domain is a common sign of relaying through a third-party sender.
  • X-Originating-IP: sometimes leaks the true sender IP behind proxies/webmail.
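The checklist above, applied in code. This is an added example (not Mailsploit's own parser) that uses the standard library email parser to unfold the headers, walks the Received chain bottom-up looking for RFC 1918 and loopback addresses, reads the spf/dkim/dmarc results and their properties out of Authentication-Results, and checks SPF, DKIM and Message-ID domains against the From domain. SAMPLE_HEADERS is a constructed message using documentation IP ranges and .test/.example names; relaxed alignment is approximated with a suffix match rather than a Public Suffix List lookup.

```python
"""Apply the header checklist to a raw header block.

Added example, not Mailsploit code. SAMPLE_HEADERS is constructed; relaxed
alignment is approximated with a suffix match instead of a PSL lookup.
"""
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

SAMPLE_HEADERS = (
    "Received: from mx1.sender.test (mx1.sender.test [203.0.113.5])\n"
    "\tby inbound.receiver.test with ESMTPS id abc123\n"
    "\tfor <victim@receiver.test>; Mon, 01 Jan 2024 10:00:00 +0000\n"
    "Received: from [10.0.0.8] (unknown [198.51.100.77])\n"
    "\tby mx1.sender.test with ESMTP; Mon, 01 Jan 2024 09:59:58 +0000\n"
    "Authentication-Results: receiver.test;\n"
    "\tspf=pass smtp.mailfrom=bounce.sender.test;\n"
    "\tdkim=pass header.d=sender.test header.s=s1;\n"
    "\tdmarc=fail header.from=bank.example\n"
    "From: \"Bank Support\" <alerts@bank.example>\n"
    "Message-ID: <20240101095958.1234@mail.sender.test>\n"
    "Subject: Please verify your account\n"
    "\n"
)

# RFC 1918, loopback and link-local ranges that should never appear in a public hop.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]


def parse_headers(raw: str):
    return message_from_string(raw)


def unfold(value: str) -> str:
    return " ".join(value.split())


def received_chain(msg) -> list:
    """Hops in transit order: the bottom Received header is the first hop."""
    return [unfold(v) for v in reversed(msg.get_all("Received", []))]


def internal_ips(hops) -> list:
    leaked = []
    for hop in hops:
        for ip in re.findall(r"\[([0-9a-fA-F:.]+)\]", hop):
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:
                continue
            if any(addr in net for net in INTERNAL_NETS):
                leaked.append(ip)
    return leaked


def auth_results(msg) -> dict:
    """{'spf': ('pass', {'smtp.mailfrom': ...}), ...}; the authserv-id is dropped."""
    out = {}
    for raw in msg.get_all("Authentication-Results", []):
        value = unfold(raw)
        body = value.split(";", 1)[1] if ";" in value else value
        for clause in body.split(";"):
            m = re.match(r"(spf|dkim|dmarc)=(\w+)(.*)", clause.strip())
            if m:
                out[m.group(1)] = (m.group(2), dict(re.findall(r"([\w.]+)=(\S+)", m.group(3))))
    return out


def aligned(a: str, b: str) -> bool:
    """Relaxed-alignment approximation: equal, or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def checklist(msg) -> list:
    findings = []
    ar = auth_results(msg)
    for method in ("spf", "dkim", "dmarc"):
        result = ar.get(method, ("missing", {}))[0]
        if result != "pass":
            findings.append("%s=%s" % (method, result))
    from_domain = parseaddr(msg.get("From", ""))[1].rsplit("@", 1)[-1].lower()
    spf_domain = ar.get("spf", ("", {}))[1].get("smtp.mailfrom", "").rsplit("@", 1)[-1].lower()
    dkim_domain = ar.get("dkim", ("", {}))[1].get("header.d", "").lower()
    if spf_domain and not aligned(spf_domain, from_domain):
        findings.append("SPF domain %s not aligned with From %s" % (spf_domain, from_domain))
    if dkim_domain and not aligned(dkim_domain, from_domain):
        findings.append("DKIM d=%s not aligned with From %s" % (dkim_domain, from_domain))
    mid_domain = (msg.get("Message-ID") or "").strip("<> ").rsplit("@", 1)[-1].lower()
    if mid_domain and not aligned(mid_domain, from_domain):
        findings.append("Message-ID domain %s does not match From %s" % (mid_domain, from_domain))
    leaked = internal_ips(received_chain(msg))
    if leaked:
        findings.append("internal IP exposed in Received chain: " + ", ".join(leaked))
    return findings
```

The sample is the classic shape of a spoof that passes SPF and DKIM: both authenticate for sender.test, but neither aligns with the displayed From domain, so DMARC fails even though the first two results read "pass".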

Blacklist Check

Check IP/Domain against major DNSBLs

Target
Common DNSBL Providers
We currently query the following major blocklists:
  • zen.spamhaus.org
  • b.barracudacentral.org
  • dnsbl.sorbs.net
  • bl.spamcop.net
  • spam.abuse.ch
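How a DNSBL query is actually built and read, as an added example (not Mailsploit's own code): the address octets (or IPv6 nibbles) are reversed and appended to the zone, and the answer is an address in 127.0.0.0/8 whose last octet carries the list's meaning. The ZEN code table is the author's reading of the published Spamhaus ZEN return codes and is an assumption to verify against current Spamhaus documentation; lookup() performs a live DNS query and is not used by the offline sample.

```python
"""Build DNSBL queries and interpret the answers.

Added example, not Mailsploit code. ZEN_CODES is the author's reading of the
published Spamhaus ZEN return codes (verify against current docs); lookup()
does a real DNS query and is not exercised offline.
"""
import ipaddress
import socket

ZONES = ["zen.spamhaus.org", "b.barracudacentral.org", "dnsbl.sorbs.net",
         "bl.spamcop.net", "spam.abuse.ch"]

# Spamhaus ZEN answers: 127.0.0.x are listings, 127.255.255.x are error signals.
ZEN_CODES = {
    "127.0.0.2": "SBL: Spamhaus Block List",
    "127.0.0.3": "SBL CSS: snowshoe / compromised-sender listing",
    "127.0.0.4": "XBL: exploited or infected host",
    "127.0.0.5": "XBL: exploited or infected host",
    "127.0.0.6": "XBL: exploited or infected host",
    "127.0.0.7": "XBL: exploited or infected host",
    "127.0.0.10": "PBL: ISP-maintained end-user range, should not send direct mail",
    "127.0.0.11": "PBL: Spamhaus-maintained end-user range",
    "127.255.255.252": "error: typing error in DNSBL name, no listing data",
    "127.255.255.254": "error: query via public/open resolver, no listing data",
    "127.255.255.255": "error: excessive number of queries, no listing data",
}


def dnsbl_query_name(ip: str, zone: str) -> str:
    """Reverse the address (octets for v4, nibbles for v6) under the zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        rev = ".".join(reversed(str(addr).split(".")))
    else:
        rev = ".".join(reversed(addr.exploded.replace(":", "")))
    return "%s.%s" % (rev, zone)


def lookup(ip: str, zone: str) -> list:
    """Live query: returns the A records, or [] on NXDOMAIN (= not listed)."""
    try:
        return socket.gethostbyname_ex(dnsbl_query_name(ip, zone))[2]
    except socket.gaierror:
        return []


def interpret(zone: str, answers: list) -> str:
    if not answers:
        return "not listed"
    if any(not a.startswith("127.") for a in answers):
        # A wildcarded, expired or hijacked zone answers with non-loopback addresses.
        return "invalid answer (zone wildcarded or hijacked?): " + ", ".join(answers)
    if zone == "zen.spamhaus.org":
        return "; ".join(ZEN_CODES.get(a, "unknown code " + a) for a in answers)
    return "listed: " + ", ".join(answers)
```

Before trusting any zone, query it for 127.0.0.2 (must be listed, per RFC 5782) and 127.0.0.1 (must not be); a zone that answers for both, or that returns anything outside 127.0.0.0/8, has been retired or taken over and its results are noise.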

Subdomain Enum

Discover active mail infrastructure

Enumerate
OSINT Recon Sources
This module aggregates data from public certificate transparency logs (crt.sh) and DNS brute-forcing to identify mail servers on subdomains (e.g., mta2.marketing.target.com). SPF applies only to the exact domain queried, so a sending subdomain with no SPF record of its own is not covered by the apex domain's policy, and whether DMARC still covers it depends on the apex record's sp= tag (an absent sp= inherits p=).

Breach Search

Check email against data dumps

Target
Source Transparency
Data is sourced via HIBP API and local aggregate lists (simulated). Finding an executive's email in a third-party breach often provides contextual leverage for highly targeted spear-phishing (e.g., referencing a known compromised password).

Phishing Templates

Generate HTML login form lures

Brand Target
OpSec & Detection Evasion
Generated templates are dynamically obfuscated. Consider hosting payloads on reputable cloud infrastructure (e.g., Azure or AWS buckets) or domains older than 30 days to bypass initial reputation filters.

Macro Builder

Weaponize VBA payloads

Target Executable
Locked to calc.exe for demonstration safety
VBA Analysis Prevention
Generated macros use AutoOpen() or Document_Open() triggers. To evade heuristic sandbox analysis, real-world macros often employ sleep functions, environmental keying (checking domain membership), or require user interaction (like scrolling) before payload execution.

Tracking Pixel

Create invisible 1x1 image trackers

Generate
Tracking Mechanics
Pixels relay read receipts, IP addresses, user agents, and timestamps back to the C2 server when remote images are rendered by the client's mail application. Many modern clients (like Gmail) proxy images, obscuring the true client IP but still confirming engagement.

Homoglyph Bypass

Generate Cyrillic look-alike domains

Original Domain
Look-alike Detection
Homographs exploit IDN (Internationalized Domain Names). Browsers store and resolve such names as ASCII "Punycode" labels prefixed with xn-- (e.g., xn--xample-hye.com), and fall back to displaying that form when a label fails their mixed-script or confusable checks. Many email clients, plain-text editors and log viewers apply no such check, so the Unicode string renders identically to its ASCII target.
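The detection side of the same technique, as an added example (not Mailsploit's generator): it converts a displayed domain to its Punycode form with the standard library IDNA codec, flags labels that mix scripts, and maps Cyrillic look-alikes to their Latin counterparts to recover the ASCII domain being imitated. The confusable table is a small hand-built subset (a production check should use the full Unicode confusables data), and the sample domains are constructed.

```python
"""Detect IDN look-alike domains before they reach a user.

Added example, not Mailsploit code. CONFUSABLES is a hand-built subset of
Cyrillic letters that resemble Latin ones; sample domains are constructed.
"""
import unicodedata

# Cyrillic -> Latin look-alikes (subset chosen for the example).
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0443": "y", "\u0445": "x", "\u0456": "i", "\u0458": "j", "\u0455": "s",
    "\u04bb": "h", "\u0501": "d", "\u051b": "q", "\u051d": "w", "\u04cf": "l",
}


def script_of(ch: str) -> str:
    """Coarse script label taken from the character's Unicode name ('LATIN', 'CYRILLIC', ...)."""
    name = unicodedata.name(ch, "")
    return name.split()[0] if name else "UNKNOWN"


def skeleton(domain: str) -> str:
    """Replace known confusables with the Latin letter they imitate."""
    return "".join(CONFUSABLES.get(c, c) for c in domain.lower())


def analyze(domain: str):
    """Return (punycode_form, findings) for a domain as the user would see it."""
    findings = []
    ascii_form = domain.encode("idna").decode("ascii")
    for label in domain.split("."):
        scripts = {script_of(c) for c in label if c.isalpha()}
        if len(scripts) > 1:
            findings.append("label '%s' mixes scripts %s" % (label, sorted(scripts)))
    if ascii_form != domain.lower():
        findings.append("IDN: displayed as '%s', resolves as '%s'" % (domain, ascii_form))
        look = skeleton(domain)
        if look.isascii():
            findings.append("look-alike of ASCII domain '%s'" % look)
    return ascii_form, findings
```

The second check matters more than the first: a label written entirely in Cyrillic (the "apple" case, all five letters confusable) passes a mixed-script test, which is exactly why browsers also compare against whole-script confusable sets.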

HTML Obfuscation

Encode email bodies to bypass filters

Raw HTML
Filter Evasion Techniques
HTML Entities: converts characters to numeric character references (&#NNN; decimal or &#xHH; hexadecimal). Good against simple keyword filters that match the raw body; mail clients decode them back to text transparently, so a filter that normalizes entities before matching sees the plain text again.

JS Unwrappers: Highly effective against static scanners, but requires the target mail client to support execution of embedded JavaScript (which is increasingly rare/blocked).
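Why entity encoding beats a naive keyword filter, and what the fixed filter looks like, as an added example (not Mailsploit's obfuscator): the naive version matches keywords against the raw HTML, the hardened version first decodes character references, strips soft hyphens and zero-width characters, and removes tags, so the two read the same constructed lure differently. The sample body and keyword list are constructed for the example.

```python
"""Keyword filtering before and after entity normalization.

Added example, not Mailsploit code. OBFUSCATED and KEYWORDS are constructed.
"""
import html
import re

KEYWORDS = ["verify", "password"]

# Constructed lure: "verify" as decimal references, "password" as a hex
# reference plus a soft hyphen, the kind of body the encoder above emits.
OBFUSCATED = (
    '<p>Please <a href="http://login.example.test">'
    '&#118;&#101;rify your &#x70;ass&shy;word</a></p>'
)

# Characters that render as nothing but break substring matches.
INVISIBLE = re.compile("[\u00ad\u200b\u200c\u200d\ufeff]")
TAG = re.compile(r"<[^>]+>")


def naive_filter(body: str, keywords) -> list:
    """Matches against the raw HTML: defeated by any character reference."""
    lowered = body.lower()
    return [k for k in keywords if k in lowered]


def normalized_text(body: str) -> str:
    """Decode references, drop invisible characters, strip tags, collapse whitespace."""
    text = html.unescape(body)
    text = INVISIBLE.sub("", text)
    text = TAG.sub(" ", text)      # a real filter should use an HTML parser here
    return " ".join(text.split()).lower()


def hardened_filter(body: str, keywords) -> list:
    """Matches against what the mail client will actually render."""
    text = normalized_text(body)
    return [k for k in keywords if k in text]
```

The tag-stripping step runs after unescape on purpose: an encoded &lt;script&gt; is not executable, but the text a user reads still contains it, and that is what the keyword match should see.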