In this video, see how to install PyExfil and learn about the options it provides for exfiltration.
- [Instructor] PyExfil is a client…server tool which enables exfiltration…of data over a number of different protocols.…Let's clone PyExfil and take a look at it.…I'll clone this into my user share directory.…We're cloned so let's see what's…in the directory.…We'll make sure we've got most…of the requirements loaded,…but there are three we need to remove…before doing this.…
I'll just amend the requirements.txt file…and remove them.…I'll go down and remove urllib2,…PIL, and ftplib.…And that's it and I'll run it.…
Okay we're ready to go.…Let's see the range of protocols we can use…through a tunnel using PyExfil.…We can see here there's three main groups…of exfiltration techniques:…Network, physical and steganography.…The physical extraction uses QR codes.…An interesting approach.…But we'll focus on the network protocols.…
Here we can see a reasonable number…of protocols to use.…The Border Gateway Protocol, BGP.…DBLSP is a protocol used by Dropbox…to look for Dropbox service to sync to.…And PyExfil can use this protocol.…
- How tunneling works
- Running a local SSH tunnel
- Dynamic SSH tunneling
- Pivoting with Armitage and Metaspoit
- Exfiltrating using DET and DNS
- Covert exfiltration with Cachetalk
- Using PyExfil to exfiltrate over HTTPS
Skill Level Advanced
Ethical Hacking: Penetration Testingwith Lisa Bock1h 20m Intermediate
Penetration Testing Essential Trainingwith Malcolm Shore2h 29m Intermediate
Penetration Testing: Advanced Kali Linuxwith Malcolm Shore2h 22m Intermediate
1. Preparing the Lab
Next steps1m 38s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.