ntop/nDPI

Improve Data Exfiltration

lucaderi opened this issue · 1 comment

Using https://github.com/m57/dnsteal, the following traffic is generated, and better flow risks shall be generated.

dnsteal.pcap.zip

utoni commented

What flow risks would you prefer?

For now, all 5 flows already get two relevant flow risks:

Risk stats [found 5 (100.0 %) flows with risks]:
	Susp DNS Traffic                             5 [33.3 %]
	Non-Printable/Invalid Chars Detected         5 [33.3 %]
	Minor Issues                                 5 [33.3 %]