DET (extensible) Data Exfiltration Toolkit Logo

DET (extensible) Data Exfiltration Toolkit

0
Free
Visit Website

DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service to test implmented Network Monitoring and Data Leakage Prevention (DLP) solutions configuration, against different data exfiltration techniques. Slides DET has been presented at BSides Ljubljana on the 9th of March 2016 and the slides will be available here. Slides are available here. Example usage (ICMP plugin) Server-side: Client-side: Usage while combining two channels (Gmail/Twitter) Server-side: Client-side: Installation Clone the repo: git clone https://github.com/PaulSec/DET.git Then: pip install -r requirements.txt --user Configuration In order to use DET, you will need to configure it and add your proper settings (eg. SMTP/IMAP, AES256 encryption passphrase, proxies and so on). A configuration example file has been provided and is called: config-sample.json { "plugins": { "http": { "target": "192.168.0.12", "port": 8080, "proxies": ["192.168.0.13", "192.168.0.14"] }, "google_docs": { "target": "conchwaiter.uk.plak.cc"

FEATURES

ALTERNATIVES

RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.

A tool that scans for accessibility tools backdoors via RDP

A collection of payloads and methodologies for web pentesting.

A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.

A specification/framework for extending default C2 communication channels in Cobalt Strike

Data exfiltration & infiltration tool using text-based steganography to evade security controls.

A free, safe, and legal training ground for ethical hackers to test and expand their skills

An exploration of a new method to abuse DCOM for remote payload execution and lateral movement.

PINNED