Egress-Assess is a tool used to test egress data detection capabilities
 
 
 
 
Go to file
Chris Truncer cbe3fcc0f4 Merge of our malware modules into Egress-Assess 2015-11-16 07:42:26 -07:00
commandcontrol Merge of our malware modules into Egress-Assess 2015-11-16 07:42:26 -07:00
common Merge of our malware modules into Egress-Assess 2015-11-16 07:42:26 -07:00
datatypes Complete identity module added 2015-06-03 21:28:58 -04:00
protocols Merge of our malware modules into Egress-Assess 2015-11-16 07:42:26 -07:00
setup Update setup.sh 2015-06-03 11:01:14 -04:00
.gitignore Added smtp client and server modules 2015-01-04 11:22:01 -05:00
CHANGELOG Small update/cleanup to Orchestra class 2015-01-24 14:45:23 -05:00
Egress-Assess.py Merge of our malware modules into Egress-Assess 2015-11-16 07:42:26 -07:00
EgressAssess.ps1 Merge of our malware modules into Egress-Assess 2015-11-16 07:42:26 -07:00
LICENSE Initial commit 2014-12-10 08:39:11 -05:00
README.md Merged modular branch into master 2014-12-24 08:37:31 -05:00

README.md

Egress-Assess

Egress-Assess is a tool used to test egress data detection capabilities.

Setup

To setup, run the included setup script, or perform the following:

  1. Install pyftpdlib
  2. Generate a server certificate and store it as "server.pem" on the same level as Egress-Assess. This can be done with the following command:

"openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes"

Usage

Blog posts are available here:

Typical use case for Egress-Assess is to copy this tool in two locations. One location will act as the server, the other will act as the client. Egress-Assess can send data over FTP, HTTP, and HTTPS.

To extract data over FTP, you would first start Egress-Assesss FTP server by selecting “--server ftp” and providing a username and password to use:

./Egress-Assess.py --server ftp --username testuser --password pass123

Now, to have the client connect and send data to the ftp server, you could run...

./Egress-Assess.py --client ftp --username testuser --password pass123 --ip 192.168.63.149 --datatype ssn

Also, you can setup Egress-Assess to act as a web server by running....

./Egress-Assess.py --server https

Then, to send data to the FTP server, and to specifically send 15 megs of credit card data, run the following command...

./Egress-Assess.py --client https --data-size 15 --ip 192.168.63.149 --datatype cc