Reuse AD Credentials on Services • Web applications
28. Reusing gathered info on Internal Network
29. Remediation & Reduce Risk
Description:
Explore offensive security techniques for hacking corporate email systems in this 51-minute conference talk from BSides Columbus 2016. Learn about penetration methodology, locating email domains, gathering employee names, and exploiting various SMTP and webmail vulnerabilities. Discover methods for enumerating Active Directory domains, bypassing two-factor authentication, and conducting brute-force attacks. Examine techniques for extracting sensitive information, including global address lists and Autodiscover configurations. Investigate malicious attachment and website tactics, SMTP catch-all exploitation, and SMB email client attacks. Understand how to reuse gathered credentials on internal networks and web applications. Conclude with remediation strategies to reduce risk and enhance email system security.