Finding Hidden Gems in Temporary Mail Services - Monitoring and Security Analysis

Explore a 25-minute conference talk from DEF CON 31's Recon Village that delves into monitoring and exploiting temporary mail services for discovering valuable information. Learn about a custom-developed Python command and control tool that scans popular temporary mail services like yopmail, tempr.email, dispostable, guerrila, and maildrop. Discover how the tool indexes emails based on specified keywords and provides Telegram notifications through API integration. Gain insights from a year-long research project that analyzed over 1 million emails, revealing findings including confidential personal information, account reset emails, game accounts, and bitcoin wallet details. Understand the tool's functionality through configuration files for continuous email crawling, monitoring, and keyword-based filtering. See a live proof of concept demonstration and learn about observed red team activities in temporary mail services. Originally presented at DEF CON Conference in Las Vegas, this talk provides practical knowledge for security researchers and penetration testers interested in temporary mail service vulnerabilities.