Clone of https://github.com/rmusser01/Infosec_Reference . For those who would prefer to not be tracked by MS.

###Exfiltration

#####TOC

###Cull

Stunnel

Learn how to hide your trojans, backdoors, etc from anti virus.

[Virus] Self-modifying code-short overview for beginners

iodine

http://windowsir.blogspot.com/2013/07/howto-data-exfiltration.html

###General

###Methodologies

Gmail/other email services: Draft emails

###Tools

iodine

  • This is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed.

dnscat2

  • Welcome to dnscat2, a DNS tunnel that WON'T make you sick and kill you! This tool is designed to create a command-and-control (C&C) channel over the DNS protocol, which is an effective tunnel out of almost every network.

fraud-bridge

  • fraud-bridge allows tunneling TCP connections through ICMP, ICMPv6, DNS via UDP or DNS via UDP6. The project is not stable.

PyExfil

  • Exfiltration tools inspired by Regin. Alpha Status.

Exfil - Modular tool to test exfiltration techniques

Multitun

  • Efficiently and securely tunnel everything over a harmless looking WebSocket!

###Papers

Self-Exfiltration: The Dangers of Browser-Enforced Information Flow Control

  • Abstract: Since the early days of Netscape, browser vendors and web security researchers have restricted out-going data based on its destination. The security argument accompanying these mechanisms is that they prevent sensitive user data from being sent to the attacker’s domain. However, in this paper, we show that regulating web information flow based on its destination server is an inherently flawed security practice. It is vulnerable to self-exfiltration attacks, where an adversary stashes stolen information in the database of a whitelisted site, then later independently connects to the whitelisted site to retrieve the information. We describe eight existing browser security mechanisms that are vulnerable to these “self-exfiltration” attacks. Furthermore, we discovered at least one exfiltration channel for each of the Alexa top 100 websites. None of the existing information flow control mechanisms we surveyed are sufficient to protect data from being leaked to the attacker. Our goal is to prevent browser vendors and researchers from falling into this trap by designing more systems that are vulnerable to self-exfiltration.