Exfiltrating using DET

- [Instructor] DET is a tool provided by SensePost…which provide examples of exfiltration…using multiple protocols.…We can clone it from the git repository shown here.…I'll clone this into my user share folder,…the tools being cloned now and we can run pip…to install the tool requirements.…

The requirements have been set up,…so let's see what we've got.…We can see the det.py file in a folder for plugins.…We can see the various protocol plugin files,…including DNS, HTTP, ICMP and Twitter.…Gmail, Google Docs and Slack are also there,…as are the TCP and UDP files.…Let's do an ICMP exfiltration using DET.…

I've got two terminals set up and…I'll run one as the target…which is exfiltrating data…the ICMP client.…And the other as the collector the ICMP server.…The L switch which indicates this is a listening server…and is now waiting for traffic.…Let's start up the exfiltrator.…

We've started the exfiltration,…and it sends the file in stages sleeping in between.…This is to minimize the noise.…The collector confirms it's receiving the data.…