DNSlivery allows to deliver files to a target using DNS as the transport protocol.

Features:
allows to print, execute or save files to the target
does not require any client on the target
does not require a full-fledged DNS server

https://github.com/no0be/DNSlivery

#exfiltration #evasion #redteaming

IPv6teal

IPv6teal is a Python 3 tool to stealthily exfiltrate data from an internal network using a covert channel built on top of the IPv6 header Flow label field.

https://github.com/christophetd/IPv6teal

#tools #redteaming #exfiltration #ipv6

Tunna

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.

https://github.com/SECFORCE/Tunna
#exfiltration #redteaming #socks #tools

Zipper, a CobaltStrike file and folder compression utility

This CobaltStrike tool allows Red teams to compress files and folders from local and UNC paths. This could be useful in situations where large files or folders need to be exfiltrated. After compressing a file or folder a random named zipfile is created within the user temp folder.

> https://github.com/outflanknl/Zipper
#tools #cobalt #redteamin #exfiltration

Red Team: Using SharpChisel to exfil internal network

During many Red Team Assessment, we use multiple agents to connect to our target network infrastructure. These agents connect to different C2 servers such as Cobalt Strike, Metasploit Framework, Empire, SharpC2 (recent C2 Framework by Rasta Mouse), etc. One of the critical features of these C2 agents is to provide a tunnel to the target network. The latency to tunnels through these beacons or agents is quite high. Also, we generally have to make these agents interactive to make these tunnels work, which increases the risk of detection.

https://medium.com/@shantanukhande/red-team-using-sharpchisel-to-exfil-internal-network-e1b07ed9b49
#redteaming #windows #exfiltration #bypass #evasion