DET (extensible) Data Exfiltration Toolkit
0
Free
DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service to test implmented Network Monitoring and Data Leakage Prevention (DLP) solutions configuration, against different data exfiltration techniques. Slides DET has been presented at BSides Ljubljana on the 9th of March 2016 and the slides will be available here. Slides are available here. Example usage (ICMP plugin) Server-side: Client-side: Usage while combining two channels (Gmail/Twitter) Server-side: Client-side: Installation Clone the repo: git clone https://github.com/PaulSec/DET.git Then: pip install -r requirements.txt --user Configuration In order to use DET, you will need to configure it and add your proper settings (eg. SMTP/IMAP, AES256 encryption passphrase, proxies and so on). A configuration example file has been provided and is called: config-sample.json { "plugins": { "http": { "target": "192.168.0.12", "port": 8080, "proxies": ["192.168.0.13", "192.168.0.14"] }, "google_docs": { "target": "conchwaiter.uk.plak.cc"
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
A fuzzing framework for Android that creates corrupt media files to identify potential vulnerabilities
Modular framework for web services penetration testing with support for various attacks.
Data exfiltration & infiltration tool using text-based steganography to evade security controls.
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
A powerful tool for extracting passwords and performing various Windows security operations.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Commercial
Security Operations
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Commercial
Application Security
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Commercial
IAM
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security