EGRESS-ASSESS
- TESTING EGRESS DATA
DETECTION CAPABILITIES@ChrisTruncer
DATA DETECTION
ACROSS THE NETWORK
A lot of our clients say they inspect their network traffic
Most of them never really tested how good they are at it
We’ve started performing some basic egress testing while on assessments
Credit Cards
Social Security Numbers
Custom generated traffic that’s important to the client
THE SETUP
Typically manual process
Server prep
FTP Server Install
Account Configuration
Web server config
Client Prep
Generating the fake data
Connect to the server
Can this be made easier?
EGRESS-ASSESS
EGRESS-ASSESS
CAPABILITIES
Egress-Assess currently supports two protocols
FTP
HTTP(S)
Can act as both the client AND the server all from the same tool
Just clone to two different machines!
Currently supports two different “data types” for extraction
Credit Cards
Social Security Numbers
What it does…
WHAT’S NEXT? Currently working on creating a
framework
Allows users to develop modules to support new protocols or “data types”
Powershell Client incoming (thanks @424f424f)!
Easy to use on Windows
Run in memory
System Proxy Support
Upcoming goals…
QUESTIONS?
Twitter: @ChrisTruncer
E-mail: [email protected]
Web: https://www.christophertruncer.com
IRC: #veil on Freenode