WebDAV Covert Channel
WebDAV Covert Channel is a technique that exploits WebDAV protocol features to establish covert communication channels and deliver malicious payloads. The tool leverages WebDAV's legitimate functionality to bypass traditional security controls including intrusion detection systems (IDS), intrusion prevention systems (IPS), and antivirus solutions. Key capabilities include: - Establishing command and control (C2) communication through WebDAV protocol - Operating entirely in memory to avoid disk-based detection mechanisms - Maintaining proxy compatibility for environments with network restrictions - Providing DFIR-friendly characteristics that can evade forensic analysis - Delivering payloads through legitimate-appearing WebDAV traffic The technique takes advantage of WebDAV's file sharing and collaboration features to mask malicious activities within normal network traffic patterns. By operating through established protocols, it can blend with legitimate business communications and avoid triggering security alerts.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A C#-based Command and Control Framework for remote access and control of compromised systems.
A tool to remove malicious artifacts from Microsoft Office documents, preventing malware infections and data breaches.
RTA provides a framework of scripts for blue teams to test detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
Collection of Return-Oriented Programming challenges for practicing exploitation skills.
An open source network penetration testing framework with automatic recon and scanning capabilities.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.