A user asked if a test for smtp smuggling could be added to swaks. Swaks is not a vul scanner and I don't want to add tests for specific vulnerabilities. However, I do support swaks being used as a scanner as people find it useful. Are there any features swaks is missing to craft a test for smtp smuggling? https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
Note this fits well with the broad idea to make swaks use a DSL internally, then to translate "standard" functionality into that DSL. That would allow users to create novel combinations of transaction options without requiring swaks argument processing to directly support/implement each feature. If something like that existed, it would be relatively easy to add new edge cases like this locally
A user asked if a test for smtp smuggling could be added to swaks. Swaks is not a vul scanner and I don't want to add tests for specific vulnerabilities. However, I do support swaks being used as a scanner as people find it useful. Are there any features swaks is missing to craft a test for smtp smuggling? https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
Note this fits well with the broad idea to make swaks use a DSL internally, then to translate "standard" functionality into that DSL. That would allow users to create novel combinations of transaction options without requiring swaks argument processing to directly support/implement each feature. If something like that existed, it would be relatively easy to add new edge cases like this locally