2. Background
• So far we have seen techniques like:
  • DNS
  • ICMP
  • HTTP POST
  • With and without encryption
  • Steganography
3. Learn
• We can learn from other projects like Tor
• Exfiltrate using CDN (domain fronting)
• Exfiltrate to Tor Hidden Services
• Protocols already known and used within the org., such as IMAP
• Hijack already running protocols
• Known applications
  • Skype
  • Dropbox
4. Future
• Know your target
  • And their running applications
• Exfiltrate from user PC or DMZ?
• Your code needs to know the environment
  • Needs proxy or not
  • Airgap network
• How fast do you need to exfiltrate the data?
• Exfiltrate to one or multiple targets at once