DET (extensible) Data Exfiltration Toolkit Logo

DET (extensible) Data Exfiltration Toolkit

0
Free
Visit Website

DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service to test implmented Network Monitoring and Data Leakage Prevention (DLP) solutions configuration, against different data exfiltration techniques. Slides DET has been presented at BSides Ljubljana on the 9th of March 2016 and the slides will be available here. Slides are available here. Example usage (ICMP plugin) Server-side: Client-side: Usage while combining two channels (Gmail/Twitter) Server-side: Client-side: Installation Clone the repo: git clone https://github.com/PaulSec/DET.git Then: pip install -r requirements.txt --user Configuration In order to use DET, you will need to configure it and add your proper settings (eg. SMTP/IMAP, AES256 encryption passphrase, proxies and so on). A configuration example file has been provided and is called: config-sample.json { "plugins": { "http": { "target": "192.168.0.12", "port": 8080, "proxies": ["192.168.0.13", "192.168.0.14"] }, "google_docs": { "target": "conchwaiter.uk.plak.cc"

FEATURES

ALTERNATIVES

SharpEDRChecker scans system components to detect security products and tools.

A front-end JavaScript toolkit for creating DNS rebinding attacks

A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.

Utilizes dirtyc0w kernel exploit for privilege escalation in a Docker container.

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.

A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.

A C/C++ tool for remote process injection, supporting x64 and x86 operations, with system call macros generated by SysWhispers script.

A tool that finds more information about a given URL or domain by querying multiple data sources.

PINNED