1. To run the phishing campaign by command line
  2. To exploit the SMTP Open Relay vulnerability by sending phishing email

This tool used custom SMTP-cli. I have done some basic modifications in his script. Thanks to smtp-cli for developing such a useful tool.

Feature Overview

  • Fully open-source means there are no limits on the use
  • Lightweight as compare to other phishing toolkits
  • Run multiple phishing campaigns simultaneously
  • Send an email with embedded First Name, Last Name, and Email
  • Highly flexible to run phishing campaign by exploiting SMTP open relay issue
  • User enumeration by “RCPT TO”
  • Time delay is available to bypass the open relay restriction

Reason to Develop SMTP Relay Phisher

Why Use SMTP Relay Phisher

  • This tool doesn’t work on the client-server model like other phishing toolkits.
  • This tool runs directly from the attacker machine.
  • This tool is lightweight and easy to use.
  • This tool helps in a red team activity to run a phishing campaign by exploiting SMTP open relay.
  • This tool helps to validate the user by RCPT TO.


More Details



Check This:

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store