exfiltration

There are 13 repositories under exfiltration topic.

• GTFOBins / GTFOBins.github.io

  GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

  post-exploitationlinuxunixbypassgtfobinsbinariesreverse-shellbind-shellexfiltrationredteamblueteam
  Language:HTML 12285

• fulldecent / system-bus-radio

  Transmits AM radio on computers without radio transmitting hardware.

  radioequipmentsoftware-defined-radioexfiltrationsecuritytransmissiontransmitterairgaplow-levelradiationcommunicationcommunication-protocolelectrical-engineeringengineeringmicroprocessor
  Language:C 6631

• TryCatchHCF / Cloakify

  CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

  cipherdata-exfiltrationhackingpentestingexfiltrationsteganographycryptographydlpav-evasionprivacysecuritysecurity-toolsinfosecred-teampentestpentest-toolhacking-toolhacking-toolspentest-toolsstego
  Language:Python 1637

• TryCatchHCF / PacketWhisper

  PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

  hackinghacking-toolsred-teampentestingexfiltrationsecurity-toolssteganographycryptographydlpdata-exfiltrationpentest-toolsecurity
  Language:Python 648

• Spacial / awesome-csirt

  Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

  securitycsirtawesomeawesome-listmalware-analysisthreat-intelligencepentestingexfiltrationsecure-programmingcvepocreverse-engineeringexploits
  Language:C 562

• Zarcolio / flipperzero

  This repo contains my own Ducky/BadUSB scripts, related PowerShell scripts and other Flipper Zero related stuff.

  awarenessbadusbduckyscriptoffensive-securitypowershellredteamingpasswordspincodesduckyhackingflipperflipperzerobadusb-payloadsducky-payloadsducky-scriptflipper-zeroexfilexfiltrationbadkbgenerator
  Language:PowerShell 428

• SitinCloud / Owlyshield

  Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).

  cybersecurityantivirusbehavior-analysisransomwareedrmachine-learningmalwaremalware-analysismalware-researchthreat-huntingcommand-and-controlexfiltrationimpact
  Language:Rust 416
• Lucifer

  Skiller9090 / Lucifer

  A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

  cybersechackingpentestingpentest-toolhacking-toolpythoncybersecuritycyber-securitysecurity-toolsmodulesmodularhacking-frameworkframeworkautomationautomation-frameworkprivilege-escalationenumerationexfiltrationsecurity
  Language:Python 377

• mazen160 / xless

  The Serverless Blind XSS App

  blind-xssbrowser-exploitationexfiltrationout-of-bandserverlessxss
  Language:JavaScript 340

• tokyoneon / CredPhish

  CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

  shellreverse-shellsocial-engineeringpenetration-testinginformation-securitykali-linuxkalikali-scriptsbypass-antivirusantivirus-evasionamsibackdooroffensive-securitydnsdns-serverexfiltrationc2
  Language:PowerShell 294

• Flangvik / Bobber

  Bounces when a fish bites - Evilginx database monitoring with exfiltration automation

  aadentraidevilginxexfiltrationo365pentestingphishingpythonroadtools
  Language:Python 181

• LyndLabs / DNS-DriveBy

  Drive-by data exfiltration using open WiFi networks & DNS requests

  canarytokensdata-exfiltrationdnsdns-exfiltrationesp8266exfiltrationwardriving
  Language:C++ 157

• t0thkr1s / gtfobins-cli

  Search for Unix binaries that can be exploited to bypass system security restrictions.

  binarybind-shellblueteambypassexfiltrationgtfogtfobinslinuxoscppost-exploitationprivilege-escalationpythonredteamreverse-shellsecurity-toolsunix-binaries
  Language:Python 131

• anfractuosity / ultrasonicnetworking

  Ultrasonic networking - Transmitting TCP/IP via Ultrasound

  exfiltrationgnuradionetworkingtcpultrasound
  Language:Python 113

• leonjza / qrxfer

  Transfer files from Air gapped machines using QR codes

  exfiltrationqrcode
  Language:Python 111

• christophetd / IPv6teal

  :wave: Stealthy data exfiltration via IPv6 covert channel

  red-teamingexfiltrationcovert-channelipv6
  Language:Python 102

• 1N3 / PowerExfil

  A collection of data exfiltration scripts for Red Team assessments.

  dataexfilexfiltrationhackingpowershellredteamredteamingscriptscriptstooltools
  Language:PowerShell 97

• AmgdGocha / DriveFS-Sleuth

  DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based on research that has been performed by mounting different scenarios and noting down the changes in the Google Drive File Stream disk artifacts.

  drive-file-streamexfiltrationforensicsgoogle-driveunauthorized-application
  Language:Python 86

• R3DRUN3 / vermilion

  Linux post exploitation tool for info gathering and exfiltration 🐧📡💀

  exfiltrationgolanginfo-gatheringinfo-stealinglinuxredteamredteam-tools
  Language:Go 86

• DamonMohammadbagher / NativePayload_Image

  Transferring Backdoor Payloads with BMP Image Pixels

  steganographybypass-antivirusexfiltrationantivirus-evasionantivirusredteampentesting
  Language:Shell 83

• ELMERIKH / TelecordC2

  Advanced Telegram x Discord C2, great for data Exfitration and Network evasion 🔷

  bypass-antivirusc2-servercommand-and-controlcybersecurity-toolsdata-exfiltrationdiscord-c2exfiltrationred-team-toolsred-teamingtelegram-c2telegram-ratgolang-c2red-team-c2red-teaming-tools
  Language:Go 83

• jaceddd / text_watermark

  Allows invisible watermarking of text and invisible encrypted messages. Uses 17 different invisible characters as HEX + delimiter. Includes encoder, decoder, spammer and other tools‬⁨⁠⁢⁠⁩⁠​⁠⁩⁠​‎⁠‎­⁠‎⁠⁩‍⁠⁠​⁩⁠‎⁠​⁨⁠​⁠⁠​‬⁠​‬⁠⁩⁠‬⁠‎⁠‍⁠​‬⁠‎⁠⁨⁠‎‍⁠.

  steganographysteganography-applicationsteganography-encodingsteganography-librarysteganography-toolszero-width-spaceciphercryptographydata-hidingdigital-watermarkingexfiltration
  Language:JavaScript 78

• leonjza / dnsfilexfer

  File transfer via DNS

  dnsexfiltration
  Language:Python 73

• jaschadub / VectorSmuggle

  Testing platform for covert data exfiltration techniques where sensitive documents are embedded into vector representations and tunneled out under the guise of legitimate RAG operations — bypassing traditional security controls and evading detection through semantic obfuscation.

  cybersecuritydemoexfiltrationllmragredteamredteamingrisk-managementvectorvector-databaseblueteam-toolscyber-securityhackinghacking-toolhacking-toolsredteam-toolssecurity-tools
  Language:Python 69

• DamonMohammadbagher / NativePayload_BSSID

  Transferring Backdoor Payload by BSSID and Wireless traffic

  antivirusantivirus-evasionbackdoorexfiltrationpentestingredteamwifiwifi-network
  Language:Shell 59

• tasooshi / exfilkit

  Data exfiltration utility for testing detection capabilities

  security-toolsexfiltrationpentestingred-teamcticybersecuritydata-exfiltration
  Language:Python 57

• anfractuosity / musicplayer

  Play audio files (.wav) via the system bus of your computer and pickup with an AM radio. See youtube link for example.

  system-busaudiorfradioamexfiltrationpdmmusicplayer
  Language:C 52

• ekiojp / circo

  Cisco Implant Raspberry Controlled Operations

  raspberrypiexfiltrationpentesting
  Language:Python 51

• OlivierLaflamme / DNSWho

  transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV

  redteamdnscobaltstrikebypass-antivirusexfiltrationshellcodebeaconevasion-attackevasionantivirus-evasionbypass-av
  Language:C# 49

• r1vs3c / searchbins

  Offline command line tool that searches for GTFOBins binaries that can be used to bypass local security restrictions in misconfigured systems.

  bash-scriptbinariesbind-shellblueteambypassexfiltrationgtfobinslinuxpost-exploitationredteamreverse-shellunixprivilege-escalation
  Language:Shell 48

• drivebadger / drivebadger

  Open source platform for covert data exfiltration operations, supporting all device types: computers, servers, mobile phones, tablets, pen drives and photo cameras.

  exfiltrationexfiltratorexfiltratekali-linuxpolicesecuritylinuxusbusb-driveluks-encryptionrsyncsystemdforensicsforensics-investigationspolice-officersevidenceraspberry-piraspberrypiraspbianlaw-enforcement
  Language:Shell 47

• ekiojp / dfex

  DNS File EXfiltration

  post-exploitationdnsfileexfiltration
  Language:Python 46

• NHAS / egressinator

  Find what egress ports are allowed

  egress-filteringexfilexfiltrationgolangpentestingredteam
  Language:Go 43

• reveng007 / DareDevil

  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10

  dropperloaderstage1stagerbeaconingstage2reflective-loadingcovert-channelexfiltrationremote-process-injectionobfuscationenvironmental-keying-factorhacktoberfest
  Language:C# 37

• rverton / gxss

  Blind XSS service alerting over slack or email

  xssblind-xssexfiltrationpentestingsecurity
  Language:Go 31

• sourcefrenchy / certexfil

  Exfiltration based on custom X509 certificates

  exfiltrationredteampentestingredteamingleakagepayloadcertificatecertsmtlspem
  Language:Go 26