Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Advanced Exfiltration Techniques
Jonas Lejon
Triop AB
Background
• So far we have seen techniques like:
• DNS
• ICMP
• HTTP POST
• With and without encryption
• Steganography
Learn
• We can learn from other projects like Tor
• Exfiltrate using CDN (domain fronting)
• Exfiltrate to Tor Hidden Servic...
Future
• Know your target
• And their running applications
• Exfiltrate from user PC or DMZ?
• Your code needs to know the ...
Contact
Jonas Lejon
jonas@triop.se
https://triop.se
Upcoming SlideShare
Loading in …5
×

Advanced Exfiltration Techniques

681 views

Published on

Advanced Exfiltration Techniques. Future and present and some background

Published in: Software
  • Be the first to comment

  • Be the first to like this

Advanced Exfiltration Techniques

  1. 1. Advanced Exfiltration Techniques Jonas Lejon Triop AB
  2. 2. Background • So far we have seen techniques like: • DNS • ICMP • HTTP POST • With and without encryption • Steganography
  3. 3. Learn • We can learn from other projects like Tor • Exfiltrate using CDN (domain fronting) • Exfiltrate to Tor Hidden Services • Known and used protocol within the org. such as IMAP • Highjack already running protocols • Known applications • Skype • Dropbox
  4. 4. Future • Know your target • And their running applications • Exfiltrate from user PC or DMZ? • Your code needs to know the environment • Needs proxy or not • Airgap network • How fast do you need to exfiltrate the data? • Exfiltrate to one or multiple targets at once
  5. 5. Contact Jonas Lejon jonas@triop.se https://triop.se

×