Discovering valid e-mail accounts using Google Search

Finding valid e-mail accounts is an important task during a penetration test. E-mail accounts are often used as usernames in some systems and web applications. Attackers often target the highly sensitive information that is stored in them.

This recipe shows you how to use Nmap to discover valid e-mail accounts that could be used as usernames in some web applications or during brute force password auditing, to find weak credentials.

Getting ready

For this task we need an NSE script that is not distributed with Nmap officially. Download the NSE script http-google-search.nse from http://seclists.org/nmap-dev/2011/q3/att-401/http-google-email.nse.

Update your NSE script database by executing the following ...

Get Nmap 6: Network Exploration and Security Auditing Cookbook now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.