Malicious hackers can engineer phishing or spear-phishing attacks by sending emails that contain fake information and links. Also we all receive many unwanted emails for commercial or other irrelevant reasons if our email addresses are published or shared without our permission.
Having clear text email addresses on a website is not in itself a vulnerability. But it is good to know what email addresses are published on the website. It prompts you to take further precautions to protect your data.
During the scan, Invicti detects email addresses accessible from the scanned web application and lists them in the Email Addresses node in the Knowledge Base.
Once the scan is completed, all email addresses exposed on the website are listed under the Email Addresses node in the Knowledge Base. You can access the same information in the Knowledge Base Report and Knowledge Base Tab.
Invicti forms Knowledge Base nodes based on its findings. If the Email Addresses node is not listed, it means that Invicti did not detect any.
How to View the Email Addresses Node in Invicti Enterprise
- Log in to Invicti Enterprise.
- From the main menu, click Scans, then Recent Scans. The Recent Scans window is displayed.
- Next to the relevant website, click Report.
- From the Technical Report section, click the Knowledge Base tab.
- Click ehe Email Addresses node. The information is displayed in an Email Addresses tab.
How to View the Email Addresses Node in Invicti Standard
- Open Invicti Standard
- Start a Scan or open a previously saved scan.
- The Knowledge Base is displayed on the right of the Scan Summary Dashboard. (If it is hidden, display it again using the Knowledge Base icon on the go to the View tab on the ribbon. Alternatively, click the Reset Layout icon on the View tab, then close the Activity/Progress/Logs pane to give maximum viewing space.)
- Ensure that the Knowledge Base Viewer is also displayed. (If it is hidden, you can display it again using the Knowledge Base Viewer button on the View tab. You may also want to close the Activity/Progress/Logs pane.)
- Click the Email Addresses node in the Knowledge Base. All detected Email Addresses are displayed in the Knowledge Base Viewer.