A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


GET A Grip on Your Hustle: Glassdoor Exfil Toolkit - Parker Schmitt - Kyle Stone (essobi) - Chris Hodges (g11tch) Derbycon 2014 (Hacking Illustrated Series InfoSec Tutorial Videos)

GET A Grip on Your Hustle: Glassdoor Exfil Toolkit
Parker Schmitt - Kyle Stone (essobi) - Chris Hodges (g11tch)
Derbycon 2014

How do you tunnel data past a nextgen firewall? Advanced IDS, DLP, or even session heuristics? When simple reverse shells and DNS exfiltration wont just do? We plan on exploring many ways that you can tunnel out while automating the process thereby making a nearly undetectable egress and yet maintaining a persistent connection into a network. By mimicking user behavior, using uncommon exfiltration techniques and non,standard encoding methods, we will demo our new framework. Announcing GET, the interactive and command, line toolkit that allows one to try multiple exfiltration paths on the fly. We will demo, three unique exfiltration methods with our framework, including httpstego, voip FSK and NTP tunneling in plain sight.

Back to Derbycon 2014 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast