Categories: Kali Linux

Egress Assess : Tool Used to Test Egress Data Detection Capabilities

Egress Assess is a tool used to test egress data detection capabilities. To setup, run the included setup script, or perform the following:

  • Install pyftpdlib
  • Generate a server certificate and store it as “server.pem” on the same level as Egress-Assess. This can be done with the following command:

openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes

Also Read : Kaboom : Script That Automates The Penetration Test

Usage

Blog posts are available here:

Typical use case for Egress-Assess is to copy this tool in two locations. One location will act as the server, the other will act as the client. Egress-Assess can send data over FTP, HTTP, and HTTPS.

To extract data over FTP, you would first start Egress-Assess’s FTP server by selecting “–server ftp” and providing a username and password to use:

./Egress-Assess.py –server ftp –username testuser –password pass123

Now, to have the client connect and send data to the ftp server, you could run…

./Egress-Assess.py –client ftp –username testuser –password pass123 –ip 192.168.63.149 –datatype ssn

Also, you can setup Egress-Assess to act as a web server by running….

./Egress-Assess.py –server https

Then, to send data to the FTP server, and to specifically send 15 megs of credit card data, run the following command…

./Egress-Assess.py –client https –data-size 15 –ip 192.168.63.149 –datatype cc

R K

Recent Posts

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

1 day ago

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

4 days ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

4 days ago

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…

5 days ago

PPLBlade: Advanced Memory Dumping and Obfuscation Tool

PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…

5 days ago

HikPwn : Simple Scanner For Hikvision Devices With Basic Vulnerability Scanning

HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…

6 days ago